media files Archives

AppWizard

March 31, 2025

Android users ALERT! Google has an update but you need to stop installing THESE apps?

Google's AI-driven threat detection and security measures blocked approximately 2.36 million policy-violating applications from being released on the Play Store last year. In February, Google removed hundreds of malicious applications that were infecting devices with adware and malware. Over 50 times more Android malware originates from internet-sideloaded sources compared to those found on the Play Store. Google is expanding its Play Protect feature across all applications and the upcoming Android 15 will introduce live threat detection. Sophos warned about PJobRAT malware, which can steal SMS messages, contacts, and files from infected Android devices. Experts advise against sideloading apps unless their legitimacy and security are certain.

AppWizard

March 28, 2025

Hackers target Taiwan with malware delivered via fake messaging apps

Recent research from cybersecurity firm Sophos has identified the use of PJobRAT malware targeting users in Taiwan through instant messaging applications SangaalLite and CChat, which mimic legitimate platforms. These malicious apps were available for download on various WordPress sites, now taken offline. PJobRAT, an Android remote access trojan first identified in 2019, has been used to steal SMS messages, contacts, device information, documents, and media files. The recent cyber-espionage initiative lasted nearly two years, affecting a limited number of users, indicating a targeted approach by the attackers. The latest version of PJobRAT lacks the ability to steal WhatsApp messages but allows attackers greater control over infected devices. The distribution method for these apps remains unclear, but previous campaigns involved third-party app stores and phishing pages. Upon installation, the apps request extensive permissions and provide basic chat functionalities. Sophos researchers note that threat actors often refine their strategies after campaigns, suggesting ongoing risks.

AppWizard

March 28, 2025

PJobRAT Android RAT as Dating & Instant Messaging Apps Attacking Military Personnel

PJobRAT is an Android Remote Access Trojan (RAT) that re-emerged in 2023 with improved capabilities and a refined targeting strategy, previously known for attacking Indian military personnel in 2021. It is now targeting users in Taiwan through social engineering tactics, disguising itself as legitimate dating and messaging apps. The malware is distributed via compromised WordPress sites hosting fake applications like “SaangalLite” and “CChat.” The infection footprint is small, indicating highly targeted attacks rather than widespread campaigns. PJobRAT retains its core functionality of exfiltrating sensitive information, including SMS messages, contacts, and media files, while enhancing command execution capabilities. Upon installation, the malicious apps request extensive permissions to operate continuously in the background. The malware uses a dual-channel communication infrastructure, with Firebase Cloud Messaging (FCM) as the primary command channel and a secondary HTTP-based channel for data exfiltration to a command-and-control server. The campaign appears to have concluded, but the evolution of PJobRAT highlights the ongoing threat of sophisticated mobile malware targeting high-value individuals.

AppWizard

March 28, 2025

PJobRAT makes a comeback, takes another crack at chat apps

In 2021, PJobRAT, an Android Remote Access Trojan (RAT), targeted Indian military personnel through deceptive apps. A new campaign was discovered in 2023, focusing on users in Taiwan, with malicious apps like ‘SangaalLite’ and CChat disguised as instant messaging applications. These apps were available for download from WordPress sites, which have since been taken down. The campaign began in January 2023, with domains registered as early as April 2022, and the latest sample detected in October 2024. The number of infections was low, indicating a targeted approach rather than a broad attack. The distribution methods remain unclear, but may involve SEO poisoning, malvertising, or phishing. Once installed, the apps request extensive permissions and feature basic chat functionality. Recent versions of PJobRAT have shifted from stealing WhatsApp messages to executing shell commands, allowing greater control over compromised devices. PJobRAT communicates with its command-and-control (C2) servers using Firebase Cloud Messaging (FCM) and HTTP, enabling the upload of various data types, including SMS, contacts, and files. The now inactive C2 server was located in Germany.

Winsage

March 11, 2025

Windows 11 KB5053598 & KB5053602 cumulative updates released

Microsoft has released two cumulative updates for Windows 11: KB5053598 for version 24H2 and KB5053602 for version 23H2, which include essential security patches from the March 2025 Patch Tuesday. Users can install these updates via Start > Settings > Windows Update or manually from the Microsoft Update Catalog. After installation, the build number for Windows 11 24H2 will be 26100.3476 and for 23H2 it will be 22631.5039. The updates introduce new features such as an Xbox advertisement in the Settings menu, the ability to share files from a jump list, enhancements to Windows Spotlight, a new “Like” button for lock screen images, improved Narrator functions, and a referral card for PC Game Pass subscriptions. File Explorer now allows users to snooze backup reminders and fixes have been made for performance issues and audio problems. A known issue for version 24H2 is that users cannot download and play Roblox on Arm devices, and both versions may show an incorrect Event 7023 error in EventViewer related to SgrmBroker.exe, which Microsoft plans to address in a future update.

Winsage

March 11, 2025

: Microsoft fixes Windows 11 File Explorer’s more annoying issues for Patch Tuesday

Windows 11 users can find relief from bugs in File Explorer with the KB5053598 update, released as part of Microsoft's Patch Tuesday. This update addresses issues such as mislabeling of hard drives as solid-state drives, color mismatches in the Start menu, improved loading times for folders with many media files, a non-responsive address bar, and enhanced context menu support for cloud files. The update also introduces new features like the ability to share files from the taskbar jump list, hover information for Windows Spotlight background images, and improved navigation functions for the Narrator. Additionally, it includes fixes for Hyper-V, Daylight Saving Time updates for Paraguay, and Remote Desktop display issues. Older versions of Windows receive standard security fixes without significant changes.

AppWizard

March 9, 2025

New Android Spyware Warning—Do Not Play This Video

A new malware targeting Android users on Telegram has been discovered, involving videos that conceal malicious code activated upon download. The malware, named EvilLoader, exploits how Telegram processes media files, misclassifying '.htm' files as videos, which allows HTML code to execute in a browser. This malware can lead to credential theft, private data loss, and the installation of banking trojans. It can bypass security measures by redirecting users to their browsers or prompting them to open files as HTML documents, executing malicious JavaScript that sends IP information to attackers. EvilLoader has evolved to check for sandbox environments and generate fake security warnings. Users are advised to update their Telegram app and be cautious with unfamiliar video files. Telegram has stated that the exploit does not indicate a flaw in their platform and has implemented a server-side fix for enhanced protection.

Winsage

February 27, 2025

Microsoft battles more bugs in Windows 11 24H2 with new round of patches

Microsoft released an optional update, KB5052093, for Windows 11 24H2 to address persistent bugs. Users may need to manually download and install this update as it is being rolled out gradually. The update includes fixes for File Explorer, improving performance with media files, context menu response for cloud files, and the reliability of the address bar. It resolves issues with color displays in the Start menu, hard drive misidentification in Task Manager, Guest account sign-ins, custom mouse pointer colors after UAC prompts, and audio bugs related to volume spikes and USB devices. Connectivity issues with Remote Desktop and display rendering problems have been fixed, along with improvements to drag-and-drop functionality and an error message in the Settings screen. New features include file sharing from the Taskbar jump list, simultaneous camera access for multiple applications, enhancements to Windows Narrator for easier navigation, and a more user-friendly Windows Spotlight. A referral card for PC Game Pass may also appear for eligible users. The update can be checked via Settings under Windows Update, and the official version will be released on March 11.

Winsage

February 26, 2025

I have good news and bad news about Windows 11 24H2’s new update: it introduces nifty features and fixes… but also includes another ad

Microsoft has released an optional patch for Windows 11 24H2, identified as KB5052093, which includes enhancements and fixes. Notably, the update introduces a referral card for a PC Game Pass subscription within the Settings app for users signed in with a Microsoft account. This advertisement allows users to invite friends and family to try the service for free if they qualify. The update also features the ability to share files directly from a jump list on the taskbar, new functionalities in the Narrator tool for accessibility, simultaneous webcam access for multiple applications, and various bug fixes in File Explorer. The advertisement will become mandatory with the March patch, and will only be visible to Microsoft account users who are PC Game Pass subscribers.

Winsage

February 26, 2025

Optional Windows 11 24H2 update brings fixes and more advertising

The optional KB5052093 update for Windows 11 24H2 introduces new camera options that allow users to use their cameras across multiple applications simultaneously, accessible through Settings > Bluetooth & devices > Cameras. A new "basic camera" mode has also been added for troubleshooting. Enhancements to the taskbar enable file sharing from a drop-down menu when right-clicking on an app, and File Explorer improvements include the ability to snooze or disable "Start backup" reminders, better performance with media files, consistent thumbnails for cloud files, and a fix for misdirected URLs. Microsoft has begun integrating advertisements for Game Pass Ultimate and PC Game Pass into the Windows 11 interface, appearing for users logged in with a Microsoft account linked to Game Pass. Additionally, the update resolves issues such as volume maxing out from standby mode and misidentification of HDDs as SSDs in Task Manager. The update is optional and must be manually installed.