monitor Archives

AppWizard

August 26, 2025

77 Malicious Android Apps With 19M Installs Targeted 831 Banks Worldwide

Zscaler’s ThreatLabz team identified 77 malicious applications on the Google Play Store with over 19 million installations, which target financial institutions and compromise user data. A new variant of the Anatsa banking trojan, also known as TeaBot, now targets over 831 banks globally, up from 650, and has expanded its reach to countries like Germany and South Korea. Many of these apps disguise themselves as document readers, with some exceeding 50,000 downloads. The malware downloads the Anatsa payload after installation and uses Android’s Accessibility Services to automate malicious activities, including stealing financial information and facilitating fraudulent transactions. The malware employs techniques to evade detection, such as obfuscating its code and using corrupted ZIP archives. The most prevalent Android malware identified was Joker, found in nearly 25% of the analyzed applications, known for stealing contacts and device data. A smaller subset of apps contained “maskware,” which engages in credential theft and personal data collection.

AppWizard

August 26, 2025

Spotify Launches In-App Messaging, Hoping New DM Feature Will Boost Listening and ‘Drive Hype’

Spotify is introducing a new feature called Messages that allows users aged 16 and older to engage in direct messaging within the app. This feature will launch this week in select markets on mobile devices. Users can share songs, podcasts, and audiobooks directly within Spotify, rather than relying on external messaging apps. The addition of Messages is based on user feedback indicating a desire for a dedicated space for sharing content. Users can message individuals they have previously interacted with, receive suggestions based on shared activities, and manage message requests. The feature includes options to block accounts and report inappropriate content, with industry-standard encryption for user data protection. To use Messages, users tap the share icon while listening to content, choose a friend, and send the message.

Tech Optimizer

August 25, 2025

Norton VPN features explained: AI-powered protection, Dark web monitoring, IP Rotation and more

Norton VPN offers a variety of features including: - Integration of artificial intelligence for real-time detection of scams and threats such as phishing, malware, and ransomware. - Cloud storage options ranging from 10GB with the Plus plan to 50GB with the Ultimate plan, providing secure online storage for sensitive data. - Dark web monitoring that scans for users' personal information and alerts them if it surfaces. - A Kill Switch feature that halts internet traffic if the VPN connection drops, protecting users' real IP addresses and unencrypted data. - IP masking that conceals users' real IP addresses and encrypts data before it reaches its destination. - IP rotation that changes the assigned IP address every 30 seconds to complicate tracking attempts. - A Double VPN option that routes data through two servers for enhanced privacy. - A no-log policy ensuring that users' IP addresses, browsing histories, and DNS queries are not logged, with independent audits for validation. - A Norton Password Manager included in select plans for creating and storing complex passwords and securely managing online transactions. - Parental controls and location supervision available with the Ultimate plan, allowing parents to monitor web access and track children's locations.

Tech Optimizer

August 25, 2025

New Android Spyware Masquerading as Antivirus Targets Business Executives

Doctor Web’s antivirus laboratory has identified a sophisticated Android backdoor malware named Android.Backdoor.916.origin, which has been evolving since January 2025. This spyware primarily targets Russian businesses through focused attacks, disseminated via private messages as a fake antivirus application called “GuardCB.” The app's icon resembles the Central Bank of the Russian Federation's emblem and is presented in Russian. Variants of the malware include names like “SECURITY_FSB” and “FSB,” falsely claiming to be security tools linked to Russian law enforcement. Upon execution, the malware simulates an antivirus scan, requesting extensive system permissions for surveillance and data exfiltration, including access to geolocation, audio recording, SMS, contacts, call logs, media files, and camera functions. It establishes connections to command-and-control servers, allowing attackers to send and receive sensitive data, initiate audio and video feeds, and execute commands. The malware employs keylogger functionality to intercept keystrokes and monitor specific applications for content theft. Doctor Web has notified domain registrars to disrupt the malware's infrastructure and confirms that all known variants are detected and neutralized by their antivirus solutions. Organizations are advised to enforce strict APK sideloading policies and verify app authenticity to counter such threats.

Tech Optimizer

August 25, 2025

Save A$60 On Your First Year of Norton 360 Deluxe

Norton 360 Deluxe is currently available for A.99, reduced from A9.99, offering a 40% discount for a year's subscription. It includes antivirus protection for up to three devices and features such as Norton Secure VPN, SafeCam for PC, Password Manager, Parental Controls, Dark Web Monitoring, 50GB of Cloud Storage, and Genie Scam Protection. Norton 360 Deluxe has been recognized as an Editors’ Choice winner by PCMag.

Winsage

August 24, 2025

30 years since the launch of Windows 95, the 90s still has some of the best sonic branding

Microsoft's Windows 95 startup sound was created by Brian Eno and became a significant part of the National Recording Registry. Other notable sounds include Apple's serene Mac startup sound, PlayStation's auditory experience, Sega's 'SEGA' chant, Nokia's ringtone derived from Francisco Tárrega’s Gran Vals, and AOL's "You've got mail" voice notification by Elwood Edwards. Today's sound landscape is cluttered, leading to alert fatigue, and modern designers face the challenge of creating distinct sounds adaptable to various environments. Effective sound design involves establishing a cohesive sonic language that resonates across contexts, prioritizing emotional connections, and recognizing the importance of silence. Brands like Mastercard and Netflix exemplify this approach by adapting core melodies for different markets while maintaining their identity. Sound should be treated as essential infrastructure, and brands need to monitor and refine their sonic strategies for effectiveness.

Winsage

August 24, 2025

Who should consider Windows PowerToys?

Windows PowerToys is a collection of utilities for the Windows operating system, originally created for power users in the Windows 95 era and revived as an open-source project in 2019 for Windows 10 and 11. It is actively maintained by Microsoft engineers and volunteers. Key features include: - FancyZones: A window manager for creating custom snap layouts. - PowerToys Run: A launcher for quickly opening applications and files. - Keyboard Manager: Allows remapping of keys and creation of new shortcuts. - Text Extractor: Enables copying text from images or on-screen elements. - Mouse Utilities: Includes cursor highlighting and keyboard control of the mouse. PowerToys also offers File Explorer add-ons, a Color Picker, and utilities for batch renaming or resizing files. It is beneficial for users looking to streamline tasks and customize their systems, but may not be necessary for those engaged in basic computer activities. There may be a learning curve and occasional bugs due to its open-source nature.

Winsage

August 23, 2025

Hackers Can Exfiltrate Windows Secrets and Credentials Silently by Evading EDR Detection

A new method allows attackers to extract Windows secrets and credentials without being detected by most Endpoint Detection and Response (EDR) solutions. This technique enables individuals with access to a Windows machine to gather credentials for lateral movement within a network. The Local Security Authority (LSA) manages sensitive information through two in-memory databases: the SAM database, which stores user credentials, and the Security database, which holds LSA secrets. Access to these databases requires interaction with the SAM and SECURITY registry hives, protected by Discretionary Access Control Lists (DACLs) that limit access to SYSTEM privileges. Attackers typically face detection when accessing the lsass.exe process memory, as EDR solutions monitor high-risk activities. Researcher Sud0Ru has introduced a method that bypasses these defenses by using the undocumented API NtOpenKeyEx with the REGOPTIONBACKUPRESTORE flag, allowing attackers to read the SAM and SECURITY hives without SYSTEM-level privileges. To avoid detection, attackers use the RegQueryMultipleValuesW API, which is less monitored by EDRs, to extract encrypted secrets from the hives. This approach allows the operation to occur entirely in memory, leaving no on-disk artifacts and evading typical security alerts.

AppWizard

August 23, 2025

Fitbit finally listened! Dark Mode arrives on Android after years of user demands

Fitbit has rolled out the dark mode feature in its Android app with version 4.50, allowing users to manually activate the "Dark Theme" or have it automatically adjust based on system settings. This update aims to reduce glare in low-light environments and may extend battery life on OLED devices. However, not all app elements are fully optimized for dark mode at launch, with some inconsistencies expected to be addressed in future updates. The rollout began on August 21. Additionally, Fitbit is exploring AI tools to enhance health tracking, including an AI-driven lab report summary tool and a Symptom Checker that provides personalized health suggestions.

AppWizard

August 23, 2025

Russia mandates spy messenger app in occupied Ukraine

Yevhenia Virlych, editor-in-chief of Kavun.City, discussed the challenges faced by residents in temporarily occupied territories, highlighting communication restrictions imposed by Russian authorities. She noted that messaging applications are disrupted and that a Russian-promoted messaging app may activate users' cameras without consent, raising privacy concerns. Virlych reported a critical shortage of medical services and medicines in these regions and mentioned that many communities are experiencing severe water shortages due to the destruction of the Kakhovka Hydroelectric Power Plant. Additionally, on August 8, the National Resistance Center stated that residents are being forced to install spyware for data collection by Russian intelligence. A complete blackout occurred on August 19 in the occupied regions of Zaporizhzhia and Kherson.