methods Archives

AppWizard

June 3, 2025

Facebook, Yandex Apps Secretly Track Users Via Hidden Ports, Research Claims

Recent findings from IMDEA Networks Institute indicate that Facebook and Instagram apps have been tracking Android users' web browsing activities without consent, bypassing privacy controls and functioning even in incognito mode. This tracking affects millions of websites using Meta's tracking code. Yandex has employed similar tracking techniques since 2017, creating a cross-platform surveillance network. The tracking exploits Android’s permission system by establishing background services that listen on network ports, allowing the apps to capture browsing data and associate it with users' accounts. Meta's pixel is present on about 5.8 million websites, while Yandex Metrica is on around 3 million sites, potentially impacting billions of users. Approximately 78% of sites with Meta’s pixel and 84% of Yandex's sites attempted localhost communications without user consent. This tracking method operates at the operating system level, unaffected by cookie clearing, incognito modes, or privacy settings. Researchers have demonstrated that malicious apps could exploit this technique to gather users' browsing histories. Many website operators were unaware of these localhost communications, leading to confusion and complaints. In response, major browser vendors are implementing measures to block these tracking methods. Meta ceased this tracking on June 3rd, coinciding with the research's public release. The research highlights a significant security gap in mobile platforms regarding localhost communications, emphasizing the need for stricter policies and vetting processes.

Tech Optimizer

June 3, 2025

I learned these 6 antivirus myths for PCs are completely wrong

Antivirus software on Windows was once essential due to security vulnerabilities, but built-in protection in Windows 8 and later versions often suffices for everyday use. Modern third-party antivirus applications are designed to be efficient and have minimal impact on system performance. All operating systems, including macOS, Linux, iOS, and Android, are susceptible to malware, contrary to the belief that only Windows needs antivirus protection. Manual virus scans are no longer necessary as modern solutions provide real-time monitoring. Antivirus software should be part of a broader security strategy that includes regular updates and secure online practices. Relying solely on cautious behavior is insufficient, as threats can emerge from various sources. Using antivirus software is still recommended, and users can complement built-in security features with third-party solutions.

Tech Optimizer

June 3, 2025

How we test antivirus software

Robust antivirus software is essential for protecting sensitive data in personal and business contexts. Different antivirus solutions vary in malware detection and overall protection. The ideal antivirus balances comprehensive coverage with system performance. Resources like AV-Comparatives and AV-Test provide impartial testing of antivirus capabilities, including real-world protection tests and evaluations of false alarms. Performance and customer support are critical factors in antivirus software evaluation. The impact on device speed and resource consumption is important, as is the quality of customer support for troubleshooting. Reliable support options enhance user satisfaction. Thorough testing of antivirus software is crucial due to the evolving tactics of cybercriminals. Not all antivirus solutions are equally effective, and rigorous evaluation helps identify subpar options and false positives. Free antivirus options may suffice for casual users, but premium versions often offer better features and protections. Meticulous testing ensures that security software meets its promises and helps users make informed decisions.

AppWizard

June 3, 2025

This Android loophole could have let your apps spy on your web browsing

Meta and Yandex have exploited a loophole in the Android operating system, allowing them to link web browsing data with app identities, bypassing privacy measures like incognito mode. This was revealed by researchers from the Local Mess project, who found that tracking scripts (Meta Pixel and Yandex Metrica) embedded in millions of websites transmit data from web browsers to apps such as Facebook, Instagram, and Yandex Maps through local network connections. Meta began using this technique in late 2024, while Yandex has been doing so since 2017. The loophole allows browser data to be sent to localhost, enabling apps to access it without user notification. In response, Meta has paused the feature and is working with Google to address the issue, which Google acknowledges violates Play Store policies. Some browsers are blocking this tracking, but researchers warn that solutions may be temporary without stricter restrictions on app access to local ports. The study indicates that most sites using these trackers start data collection immediately upon visiting, often before consent is requested. To prevent this tracking, users are advised to uninstall the affected applications.

AppWizard

June 2, 2025

Explore New Worlds and Sounds: How to Safely Download Minecraft APK and Spotify Premium APK

Smartphones are essential for accessing creative and entertainment applications like Minecraft and Spotify. The Minecraft APK allows users to play the game on unsupported devices, access updates without delays, and experiment with mods. The Spotify Premium APK enables ad-free streaming, offline downloads, and superior sound quality. Safe downloading involves choosing trusted sources, enabling "Unknown Sources" in device settings, installing cautiously while monitoring permissions, and keeping the device updated to prevent vulnerabilities.

AppWizard

June 2, 2025

Minebrowse Propels Minecraft Servers to New Heights with Marketing and Advertising Services

Minebrowse is a platform designed to help Minecraft server owners effectively market their servers and connect with players. It offers tools for creating detailed server listings, including descriptions, banners, IP addresses, and player counts. The platform benefits from strong Search Engine Optimization (SEO), enhancing the visibility of listed servers in search results. Minebrowse provides both basic and premium listing options, allowing server owners to choose features that suit their needs and budgets. The user experience is optimized for both server owners and players, with a searchable interface that allows players to filter servers by various criteria. Additionally, Minebrowse encourages community engagement through server voting, which boosts server rankings and fosters player loyalty.

Tech Optimizer

June 2, 2025

Key service for malware developers taken offline

The takedown of AVCheck, a major Counter Antivirus (CAV) service used by cybercriminals, disrupts their ability to test malware against antivirus detection, thereby hindering successful attacks. Matthijs Jaspers from the High Tech Crime Team highlighted that this operation is crucial in combating organized cybercrime, as it prevents early-stage criminal activities. The investigation revealed connections between AVCheck and other services like Cryptor.biz and Crypt.guru. Additionally, law enforcement has taken proactive measures, including deploying a fake login page to deter AVCheck users and collaborating with Project Melissa to target malware services. The need for coordinated efforts among various sectors is emphasized to effectively combat cybercrime.

Tech Optimizer

June 2, 2025

Hackers Allegedly Selling Windows Crypter Claims Bypass of All Antiviruses

Underground cybercriminal forums are seeing an increase in advanced malware tools, including a Windows crypter that claims to bypass major antivirus solutions. This crypter is marketed as fully activated and capable of achieving Full Undetectable (FUD) status against contemporary antivirus engines. It employs advanced obfuscation techniques to evade detection, including code injection methods, entropy manipulation, and anti-debugging features. The tool allows for granular control over obfuscation parameters, enabling customization for specific target environments. The rise of such sophisticated evasion tools poses challenges for traditional endpoint security, making organizations vulnerable if they rely solely on signature-based antivirus solutions. To defend against these threats, organizations should adopt multi-layered security architectures, including behavioral analysis and endpoint detection and response (EDR) solutions.

Winsage

May 31, 2025

New Malware Compromise Microsoft Windows Without PE Header

A new strain of malware has been operating undetected on Windows systems for several weeks, utilizing advanced evasion techniques that corrupt its Portable Executable (PE) headers to avoid detection. Security researchers discovered this malware embedded in the memory of a compromised system during an investigation, using a 33GB memory dump that revealed its presence in a dllhost.exe process with process ID 8200. The malware, classified as a Remote Access Trojan (RAT) by Fortinet, employs batch scripts and PowerShell commands for its attack and has capabilities for screenshot capture, remote server functionality, and system service manipulation. Its command and control infrastructure uses encrypted communications, complicating detection efforts. The malware's distinctive feature is the deliberate corruption of DOS and PE headers, which hinders reverse engineering and complicates the reconstruction of the executable from memory dumps. Researchers had to manually locate the malware’s entry point and resolve complex import tables for it to function in a controlled environment.

Winsage

May 30, 2025

WordPad is dead in Windows 11, but Notepad is absorbing its skills

Microsoft has announced updates to Notepad, integrating "lightweight formatting" capabilities that include support for markdown input and file formats, bold and italic fonts, and hyperlinks, accessible via a new toolbar. These features are not in testing and will be available on Windows PCs soon. This shift follows the retirement of WordPad in late 2023, leaving a gap for basic text editing. The enhancements position Notepad as a viable replacement for WordPad. Additionally, Microsoft is introducing the Edit app, an open-source command-line interface, to complement Notepad's new features and improve user experience.