monitor Archives

AppWizard

March 3, 2026

Should Marathon change its divisively fast Server Slam time-to-kill?

Marathon's four-day Server Slam concluded, with Bungie analyzing player feedback and statistics. A notable metric was the number of bottles of alien milk stolen from Tau Ceti. Bungie is considering changes to the time-to-kill (TTK) mechanics and the introduction of a duo queue, amidst divided community opinions on gameplay pace. The current TTK is fast, leading to quick eliminations, while the game's revive system allows teammates to bring back fallen players, affecting combat dynamics. Players are encouraged to be cautious and strategic due to the rapid pace and limited resources available during the Server Slam. Adjustments to TTK could disrupt the game's balance, and Bungie is monitoring feedback closely before the official launch.

Winsage

March 3, 2026

New Defender deployment tool streamlines Windows device onboarding with single executable

Microsoft has enhanced its Defender deployment tool for Windows to streamline the onboarding process for device security management. The tool now features improved progress visibility and additional administrative controls, consolidating onboarding files into a single downloadable .exe file for both modern and legacy systems. It supports silent and non-interactive options for large-scale deployments, integrates with Group Policy or Configuration Manager, and allows for custom package identifiers. Administrators can monitor deployment events through the device timeline and advanced hunting tabs for real-time insights. The updated tool is accessible via Settings > Endpoints > Onboarding > Windows and extends support to Linux. Comprehensive onboarding and offboarding guides are available on the Defender portal.

AppWizard

March 3, 2026

Blender temporarily abandons Apple iPad app development in favor of Android

Blender has integrated with GitHub to enhance its collaborative capabilities, allowing users to share projects and collaborate in real-time. This integration enables users to track changes, merge different project branches, and engage with the community for feedback and suggestions.

Winsage

March 3, 2026

PoC Exploit Released for Windows Error Reporting ALPC Privilege Escalation

A critical local privilege escalation vulnerability, tracked as CVE-2026-20817, affects Microsoft Windows through the Windows Error Reporting (WER) service. This flaw allows authenticated users with low-level privileges to execute arbitrary code with full SYSTEM privileges. The vulnerability resides in the SvcElevatedLaunch method (0x0D) and fails to validate user permissions, enabling attackers to launch WerFault.exe with malicious command-line parameters from a shared memory block. The exploit affects all versions of Windows 10 and Windows 11 prior to January 2026, as well as Windows Server 2019 and 2022. Microsoft addressed this vulnerability in the January 2026 Security Update. Organizations are advised to apply security patches and monitor for unusual WerFault.exe processes.

AppWizard

March 2, 2026

Best Secure and Encrypted Messaging Apps in 2026

Your text messages and calls can be intercepted by hackers, corporations, and government entities, putting your private information at risk. Corporations may use your messages for targeted advertising or sell your data, while hackers may exploit it for identity theft or fraud. Governments may monitor communications under the guise of national security. Secure messaging apps are essential to protect your communications, as many default options expose sensitive information through metadata or lack proper security. Signal is recognized as the most secure messaging app, offering end-to-end encryption, being open-source, and free of charge, though it requires a phone number for registration. Threema allows complete anonymity without data collection but has no free version. Telegram, while popular, has security concerns as not all communications are end-to-end encrypted by default. WhatsApp and Keybase are discouraged due to ownership issues affecting privacy. Characteristics to look for in a secure messaging app include end-to-end encryption, third-party testing, open-source code, self-destructing messages, and minimal user data collection.

Winsage

March 2, 2026

RAT Malware Via Windows Explorer Puts Crypto at Risk

Cofense Intelligence reported that threat actors are exploiting Windows File Explorer and WebDAV servers to deliver Remote Access Trojans (RATs) to corporate systems, bypassing browser security measures. This method allows attackers to infiltrate machines without using web browsers, taking advantage of File Explorer's ability to connect to remote WebDAV servers. Despite WebDAV being deprecated by Microsoft in November 2023, it is still supported in Windows, creating a vulnerability. The campaigns began in February 2024, with a significant increase in September 2024, and 87% of these campaigns deliver multiple RATs, including XWorm, Async RAT, and DcRAT. Victims typically receive phishing emails disguised as invoices, containing URL or LNK shortcut files that initiate a WebDAV connection. The attacks often utilize Cloudflare Tunnel for hosting malicious WebDAV servers, making the traffic appear legitimate. Notably, 50% of affected campaigns are in German, while 30% are in English. The report emphasizes the risks posed to individuals holding digital assets, as RATs can access sensitive information, including crypto wallet files. Organizations are advised to monitor network traffic for Cloudflare Tunnel instances and educate users about the risks associated with File Explorer's capabilities.

Winsage

March 2, 2026

Fake Xeno and Roblox Utilities Used to Install Windows RAT, Microsoft Warns

Cybersecurity experts at Microsoft Threat Intelligence have identified a trend where attackers distribute counterfeit gaming tools that install a remote access trojan (RAT) on users' systems. These trojanized executables, such as Xeno.exe or RobloxPlayerBeta.exe, are shared through browsers and chat platforms. The initial executable acts as a downloader, installing a portable Java runtime environment and launching a harmful Java archive, jd-gui.jar. Attackers use built-in Windows tools to execute commands via PowerShell and exploit trusted system binaries, minimizing detection risk. The embedded PowerShell script connects to remote locations, downloads an executable as update.exe, and executes it. The malware erases evidence of the downloader and modifies Microsoft Defender settings to allow RAT components to function undetected. It establishes persistence through scheduled tasks and a startup script named world.vbs, enabling prolonged access to the compromised device. Microsoft Defender can detect the malware and its behaviors, and organizations are advised to monitor outbound traffic and block identified domains and IP addresses. Users are encouraged to scrutinize Microsoft Defender exclusions and scheduled tasks for irregularities and remain cautious about downloading tools from unofficial sources.

Winsage

March 1, 2026

Hackers Abuse Windows File Explorer and WebDAV for Stealthy Malware Delivery

Cybercriminals are exploiting a legacy feature in Windows File Explorer, specifically the WebDAV protocol, to distribute malware and bypass traditional security measures. Despite Microsoft deprecating native WebDAV support in November 2023, it remains active on many systems. Attackers use WebDAV to deceive victims into executing malicious payloads by sending links that connect File Explorer directly to remote servers, avoiding web browsers and their security warnings. They employ methods such as direct linking, URL shortcut files, and LNK shortcut files to deliver exploits. The primary objective of these campaigns, which surged in late 2024, is to deploy Remote Access Trojans (RATs), with 87% of Active Threat Reports involving multiple RATs like XWorm RAT, Async RAT, and DcRAT. These campaigns predominantly target corporate networks in Europe, with many phishing emails written in German and English. Attackers use short-lived WebDAV servers hosted on Cloudflare Tunnel demo accounts to obscure their infrastructure. Security analysts are advised to monitor unusual network activity from Windows Explorer and educate users to verify addresses in File Explorer.

AppWizard

February 28, 2026

Best Marathon settings for peak gaming PC performance

Bungie's multiplayer FPS, Marathon, is currently in an early Server Slam until March 2, with a full release on March 6. The game is designed to be accessible on mid-range PCs and does not require high-end GPU power. Initial settings for optimal performance include Vsync on, frame rate cap off, field of view at 90°, and high graphics quality. Players can expect an average frame rate of 84fps with 60fps for 1% lows. The game is not compatible with the Steam Deck due to BattleEye anti-cheat technology but runs smoothly on other Windows-based handheld devices. While an SSD is not required, it is recommended for better load times. Performance monitoring can be done via a built-in FPS counter or overlays from Nvidia and AMD.

Winsage

February 27, 2026

Announcing Windows 11 Insider Preview Build 26220.7934 (Beta Channel)

Windows 11 Insider Preview Build 26220.7934 (KB5077242) has been released to the Beta Channel. Key updates include: - Enhanced security and performance for batch files with a new secure mode that ensures batch files remain unchanged during execution, improving performance and security. - Shared audio feature now includes individual volume sliders for each listener and a taskbar indicator for ongoing audio sharing sessions. - A new command for Narrator users allows reading the status bar contents in applications like Word and Excel. - The rollout of improved taskbar animations has been temporarily paused. - Reliability improvements for removing Windows Update files and windows.old files. - Enhanced typing reliability with the ADLaM keyboard. - The Paint app has introduced a freeform rotate feature for shapes, text, and selections. Insiders can access these updates through Settings > Windows Update, and features may be gradually rolled out using Controlled Feature Rollout technology. A desktop watermark is displayed for Windows Insider pre-release builds.