malware attacks Archives

Winsage

June 10, 2026

Windows 11 Settings You Should Change in 2026：A 9-Point Speed, Privacy, and Security Checklist

On June 9, 2026, Microsoft released a major security update addressing around 200 vulnerabilities, including three critical zero-day exploits. This update coincides with the expiration of Secure Boot certificates that have been in place since 2011. Users are advised to review their Windows 11 settings to ensure security and optimization during this transition. Key actions include installing the June update, enabling faster delivery of updates, turning on Core Isolation memory integrity, activating Controlled folder access against ransomware, confirming drive encryption, disabling the advertising ID, minimizing diagnostic data, auditing camera and microphone permissions, disabling unnecessary startup applications, enabling Storage Sense, adjusting power mode settings, and tuning visual effects for better performance.

AppWizard

June 8, 2026

NFCShare Android malware spreads via fake banking app updates on GitHub

New variants of the NFCShare Android malware are disguised as fake updates for legitimate banking applications and are targeting customers of various banks in Europe through a phishing campaign to steal sensitive payment card data. The malware prompts victims to place their cards near the NFC chip of their mobile devices, using Android’s IsoDep interface to read card information, including card number, type, expiry date, and a 4-digit PIN. The stolen data is exfiltrated to the attacker’s command-and-control host via a WebSocket channel. Recent attacks began on May 14, with victims directed to a phishing site that impersonates a legitimate bank and then to a GitHub repository hosting a malicious APK file. The repository has hosted 56 unique APKs impersonating banking applications primarily from Italy and Spain. The malware has evolved from initially targeting Deutsche Bank in Germany to a broader range of banks. The latest version features malformed APK packaging to complicate automated analysis. Users are advised to download banking applications only from Google Play and to be cautious of verification requests that ask for NFC card scans.

Tech Optimizer

June 4, 2026

How We Test Antivirus and Security Software

Most software applications clearly indicate their functionality, but the effectiveness of antivirus utilities is often less tangible. PCMag rigorously evaluates antivirus products through comprehensive tests that validate their claims, including real-world malware samples and various protective measures. Each antivirus tool is assessed based on its on-demand scanner and real-time monitor capabilities. PCMag compiles fresh malware samples annually, analyzing them to ensure they are suitable for testing. The testing process includes evaluating malware-blocking capabilities and web-level protection against known malware-hosting sites. Phishing site detection is also tested using recent URLs, and antispam testing has been simplified due to the effectiveness of email providers. Performance impact tests have been discontinued as modern security suites show improved efficiency. Firewall protection is evaluated through program control, exploit defenses, and overall resilience against malware. Parental control features are tested for effectiveness in content filtering and monitoring. Ransomware protection is assessed by releasing real-world samples in a controlled environment. PCMag monitors independent antivirus lab tests from various organizations, including AV-Test, AV-Comparatives, SE Labs, MRG-Effitas, and AVLab, to inform their reviews. An aggregate testing score is calculated to summarize lab results. Testing methodologies do not include VPN evaluations, which are covered separately.

Tech Optimizer

June 3, 2026

Endpoint Security Statistics By Market Share And Insights (2026)

Endpoints are critical computing devices connected to networks, including personal computers, tablets, smartphones, and smart appliances, and are often targeted in cyberattacks. Robust endpoint security is essential, especially in business environments with sensitive data. Endpoint protection solutions include antivirus software, endpoint detection and response (EDR) systems, and multi-factor authentication. - 81% of businesses have faced malware-related attacks. - 59% of ransomware incidents compromise data stored in public cloud environments. - In 2023, the average cost associated with breach detection and escalation reached USD 1.58 million. - 97% of executives access work accounts via personal devices. - During Q3 2024, malware detections at endpoints surged by 300%. - 13% of employees reported being victims of phishing attacks while working remotely. - 70% of employees using ChatGPT in the workplace do so without informing their employers. - 68% of companies have reported at least one successful endpoint attack that compromised their data or IT infrastructure. - 55% of professionals consider smartphones among the most vulnerable endpoints. - 47% of organizations monitor their networks around the clock. - The global financial impact of cybercrime is projected to exceed .5 trillion annually by 2025. - In 2021, 53% of organizations experienced successful ransomware attacks, marking a 148% increase from 2020. - Paying a ransom can double the total cost of a ransomware incident. - 40% of organizations delay patch rollouts to avoid potential conflicts. - 67% of IT professionals believe that Bring Your Own Device (BYOD) policies have weakened their organization's security posture. - 69% of Chief Information Security Officers (CISOs) expected at least one ransomware attack in 2022. - Only 50% of organizations encrypt sensitive data on their devices. - Organizations with a high number of remote workers face the greatest risks regarding endpoint security threats. - The endpoint security market is anticipated to grow from USD 13.37 billion in 2023 to USD 31.2 billion by 2032, with a compound annual growth rate (CAGR) of 12.1%. - Approximately 70% of companies plan to increase their investment in endpoint security solutions over the next two years. - The average financial impact of a data breach is estimated at around USD 4.88 million. - In 2023, the highest costs related to breaches were linked to detection and escalation, averaging USD 1.58 million. - As of 2024, the United States has the highest average cost of data breaches globally at USD 9.36 million. - A significant breach affecting 50 to 60 million records in 2024 is expected to cost USD 375 million. - Organizations facing compliance challenges typically incur an average breach cost of USD 5.05 million. - 40% of organizations admit to postponing patch implementations to avoid potential conflicts. - 92% of remote employees report using personal smartphones or tablets for work tasks. - 80% of executives are inclined to send work-related messages from personal devices. - 80-90% of successful ransomware attacks originate from unmanaged devices. - 62% of cybersecurity experts cite data loss and leaks as their primary concerns regarding BYOD policies. - 36% of employees using personal devices for work admit to delaying security updates. - 71% of employees store sensitive work passwords on personal phones. - 67% of organizations work with multiple vendors for management and security across various device types. - Only 42% of surveyed companies have a solution to proactively identify sensitive data on employee devices. - 38% of employees state that their employer lacks BYOD policies, or that existing policies are often disregarded. - There was a 300% increase in malware detections at endpoints during Q3 2024. - In 2024, a data breach involving Twilio compromised 33 million phone numbers linked to Authy accounts. - 90% of successful cyberattacks and up to 70% of data breaches originate from endpoint devices. - 54% of security experts reported that over 20% of their total endpoints were unmanaged. - 67% of Managed Service Providers (MSPs) faced AI-driven threats in the past year. - Among HR professionals who offboarded employees in the last year, 71% reported that at least one employee failed to return company-owned devices. - 65% of employees indicated they often bypass organizational security protocols to enhance productivity. - Over 90% of security incidents related to lost or stolen devices lead to unauthorized data breaches. - 13% of employees admit to being victims of phishing attacks while working remotely. - 63% of companies may have former employees retaining access to organizational data. - 62% of employees acknowledged transferring company intellectual property to personal devices. - 59% of stolen company-owned devices contained sensitive information. - Gartner estimates that shadow IT accounts for 30-40% of IT expenditures in large organizations. - 80% of employees engage in shadow IT activities. - 76% of small and medium-sized businesses (SMBs) believe shadow IT poses a security risk. - 58% of SMBs have encountered significant shadow IT initiatives without the knowledge of their official IT departments. - 30% of IT leaders cite information security as the primary challenge to adopting BYOD policies. - The prevalence of shadow IT has surged by 59% due to remote work. - 70% of employees using ChatGPT in the workplace do so without employer knowledge. - 32% of remote and hybrid employees use applications or software not sanctioned by IT. - 59% of organizations have experienced data loss due to cloud-based shadow IT. - ChatGPT is the most frequently used unauthorized application among employees. - By 2027, it is projected that 75% of employees will acquire, modify, or create technology beyond IT's visibility. - The trend of paying ransoms has increased; over 47.8% of companies chose to pay in Q3, rising to 59.6% in Q4. - Tanium raised USD 300 million in Series G funding, resulting in a valuation of USD 9 billion. - Cybereason secured USD 275 million in Series F funding. - SentinelOne acquired Attivo Networks in a transaction valued at USD 616 million.

AppWizard

May 29, 2026

Android App Security Essentials: How to Build Secure Mobile Applications

Mobile applications have transformed business operations and communication, becoming essential in various industries. As reliance on mobile technology increases, organizations face cybersecurity challenges such as malware, unauthorized access, data leaks, and phishing. This has led to a focus on Android app security, with businesses implementing advanced protection strategies. To address cybersecurity threats, modern Android applications require multiple security layers. Secure coding practices minimize vulnerabilities through structured frameworks, automated testing, and regular code reviews. Strong user authentication systems, including multi-factor authentication and biometric verification, protect against unauthorized access. Data encryption secures sensitive information during transmission and storage, helping organizations comply with data protection regulations. Malware attacks are a significant concern, prompting developers to implement anti-malware frameworks and application shielding technologies. To prevent reverse engineering, developers use code obfuscation and tamper detection systems. Managing mobile device permissions securely is crucial to protect sensitive user information. Emerging technologies, such as artificial intelligence, enhance mobile security by improving threat detection and response. DevSecOps integrates security practices into the development lifecycle, allowing for continuous vulnerability identification. Robust endpoint protection solutions monitor devices for malware and unauthorized access, supporting stronger cybersecurity governance across mobile ecosystems.

Winsage

May 20, 2026

MSHTA abuse helps malware hide in Windows processes

Bitdefender's research highlights the use of Microsoft's MSHTA utility in malware attacks, noting its default activation in Windows systems. Cybercriminals exploit MSHTA to execute malicious scripts under the guise of legitimate processes, linking it to various malware families like LummaStealer and PurpleFox. The study reports a rise in MSHTA-related detections, indicating a shift towards "living-off-the-land" tactics that utilize legitimate tools to evade security alerts. Social engineering is identified as a common entry point for attacks, employing deceptive methods such as fake software downloads and phishing links. MSHTA can retrieve and execute additional payloads through multi-stage chains, complicating detection efforts. The attacks target sensitive information, including credentials and financial data, and the continued presence of MSHTA poses risks as it allows threat actors to conceal malicious actions. To mitigate these threats, organizations are advised to restrict or disable legacy scripting tools and exercise caution with untrusted downloads. The report emphasizes the challenge of detecting unusual behaviors associated with legitimate utilities in the context of cyber threats.

Tech Optimizer

May 5, 2026

The best mobile antivirus software of 2026: Expert tested and reviewed

Bitdefender Mobile Security is currently regarded as the best mobile antivirus software, achieving a 100% detection rate for malware on Android devices according to AV-TEST's August 2025 report. The 2026 version introduces App Anomaly Detection and includes features like Scam Alert and anti-theft tools. Sophos Intercept X for Mobile offers a free version with a perfect score in AV-TEST's comparisons and features such as multi-factor authentication and a Privacy Advisor. Surfshark Antivirus, part of the Surfshark One package, scored six out of six in AV-TEST's evaluations and includes various security tools, but is only available for Android, macOS, and Windows. Avast Mobile Security is a popular free option with robust features and achieved perfect scores in protection and usability in AV-TEST's September-October 2025 report. AVG Antivirus, operating on the same engine as Avast, also detected 100% of malware in AV-TEST's March-April 2025 evaluations and includes anti-theft tools.

Winsage

April 24, 2026

Microsoft to roll out Entra passkeys on Windows in late April

Microsoft will introduce passkey support for phishing-resistant passwordless authentication on Microsoft Entra-protected resources starting in late April, with broader availability expected by mid-June 2026. This feature will allow passwordless sign-in on unmanaged Windows devices and will support various device types, including corporate, personal, and shared options. Administrators can manage passkeys through Conditional Access and Authentication Methods policies. Users can create device-bound passkeys stored securely within the Windows Hello container, using methods like facial recognition, fingerprint scanning, or a PIN. The passkeys will adhere to FIDO2 standards and will be securely bound to individual devices, preventing transmission over the network to enhance security against phishing and malware attacks. Microsoft has also announced plans for mandatory multifactor authentication registration for Entra tenants by October 2024 and that all new accounts will be passwordless by default starting in May 2025.

Tech Optimizer

April 10, 2026

Popular Monitor Utilities, CPU-Z And HWMonitor, Have Been Infected With Malware

Recent reports indicate that the hardware monitoring tools HWMonitor and CPU-Z have been compromised, leading to users downloading malware instead of the legitimate software. Users reported receiving suspicious executable files and antivirus alerts when attempting to download the latest versions. A specific incident involved a user who downloaded HWMonitor from the official CPUID website, only to find the file was labeled incorrectly and flagged as a virus by Windows Defender. Cybersecurity experts confirmed that this is a serious issue involving a multi-stage trojanized attack from a compromised domain. The developer of CPU-Z and HWMonitor acknowledged that a secondary feature linked to the website was compromised for about six hours, causing the main website to display incorrect files. Users are advised to refrain from downloading or updating these utilities until the issue is resolved.

Tech Optimizer

March 24, 2026

This tax-themed malvertising attack can blind security software before it arrives — and then unleashes ransomware

Cybercriminals are targeting taxpayers with phishing schemes and malware attacks as the April 15 tax deadline approaches. They create fake tax form websites that appear in Google Ads, leading users to download malicious software like ScreenConnect, which can disable device security. These tactics aim to steal sensitive information and potentially facilitate ransomware attacks. Counterfeit Chrome updates are also being used in similar schemes. Taxpayers are advised to verify the authenticity of websites and rely on trusted sources to protect their personal information.