organizations Archives

AppWizard

March 3, 2026

Five New Android Apps You Need To Try This March

Android has introduced several new applications and games this spring, enhancing user experience across devices. Notable releases include: 1. Now Playing: A standalone app from Google that identifies music in the environment using on-device recognition technology, maintaining a history of tracks and allowing easy playlist additions without relying on cloud queries. 2. Nova Drift: A space shooter game that combines classic arcade action with modern roguelite elements, featuring tight controls and a modular upgrade system, making it suitable for quick gameplay sessions on mobile. 3. Subnautica: Below Zero: A mobile adaptation of the survival game set in an alien ocean, focusing on crafting, resource management, and exploration, with user interface adjustments for mobile play. 4. The Commuter: An app that transforms news headlines into social-style posts with concise breakdowns, catering to users who find traditional news overwhelming and addressing news avoidance trends. 5. SnapSafe: A camera app that prioritizes security by encrypting photos at the moment of capture, featuring a PIN for access control and tools for obfuscating sensitive information. These applications reflect a trend towards smarter AI, engaging gameplay, and innovative solutions for news consumption and privacy.

Winsage

March 3, 2026

PoC Exploit Released for Windows Error Reporting ALPC Privilege Escalation

A critical local privilege escalation vulnerability, tracked as CVE-2026-20817, affects Microsoft Windows through the Windows Error Reporting (WER) service. This flaw allows authenticated users with low-level privileges to execute arbitrary code with full SYSTEM privileges. The vulnerability resides in the SvcElevatedLaunch method (0x0D) and fails to validate user permissions, enabling attackers to launch WerFault.exe with malicious command-line parameters from a shared memory block. The exploit affects all versions of Windows 10 and Windows 11 prior to January 2026, as well as Windows Server 2019 and 2022. Microsoft addressed this vulnerability in the January 2026 Security Update. Organizations are advised to apply security patches and monitor for unusual WerFault.exe processes.

Winsage

March 2, 2026

Windows 11 tops market share as 10 faces extended farewell

Recent data from Statcounter indicates that Windows 11 has a market share of 72.57 percent, while Windows 10 holds 26.45 percent. Microsoft claims that Windows 11 has surpassed one billion users. Statcounter's data is collected from over 1.5 million websites and may be subject to revision. Microsoft will discontinue support for many versions of Windows 10 in October 2025, leading some organizations to consider Extended Security Updates (ESU), which can incur additional costs. Windows Server 2016 has a 20.3 percent share among monitored servers, and Windows 10 2016 LTSB accounts for 0.5 percent of Windows devices, making up 19.8 percent within the LTSC/LTSB category. The higher usage of LTSC/LTSB is attributed to special-purpose devices in consumer and retail sectors, which face stricter upgrade protocols.

Winsage

March 2, 2026

RAT Malware Via Windows Explorer Puts Crypto at Risk

Cofense Intelligence reported that threat actors are exploiting Windows File Explorer and WebDAV servers to deliver Remote Access Trojans (RATs) to corporate systems, bypassing browser security measures. This method allows attackers to infiltrate machines without using web browsers, taking advantage of File Explorer's ability to connect to remote WebDAV servers. Despite WebDAV being deprecated by Microsoft in November 2023, it is still supported in Windows, creating a vulnerability. The campaigns began in February 2024, with a significant increase in September 2024, and 87% of these campaigns deliver multiple RATs, including XWorm, Async RAT, and DcRAT. Victims typically receive phishing emails disguised as invoices, containing URL or LNK shortcut files that initiate a WebDAV connection. The attacks often utilize Cloudflare Tunnel for hosting malicious WebDAV servers, making the traffic appear legitimate. Notably, 50% of affected campaigns are in German, while 30% are in English. The report emphasizes the risks posed to individuals holding digital assets, as RATs can access sensitive information, including crypto wallet files. Organizations are advised to monitor network traffic for Cloudflare Tunnel instances and educate users about the risks associated with File Explorer's capabilities.

Winsage

March 2, 2026

Fake Xeno and Roblox Utilities Used to Install Windows RAT, Microsoft Warns

Cybersecurity experts at Microsoft Threat Intelligence have identified a trend where attackers distribute counterfeit gaming tools that install a remote access trojan (RAT) on users' systems. These trojanized executables, such as Xeno.exe or RobloxPlayerBeta.exe, are shared through browsers and chat platforms. The initial executable acts as a downloader, installing a portable Java runtime environment and launching a harmful Java archive, jd-gui.jar. Attackers use built-in Windows tools to execute commands via PowerShell and exploit trusted system binaries, minimizing detection risk. The embedded PowerShell script connects to remote locations, downloads an executable as update.exe, and executes it. The malware erases evidence of the downloader and modifies Microsoft Defender settings to allow RAT components to function undetected. It establishes persistence through scheduled tasks and a startup script named world.vbs, enabling prolonged access to the compromised device. Microsoft Defender can detect the malware and its behaviors, and organizations are advised to monitor outbound traffic and block identified domains and IP addresses. Users are encouraged to scrutinize Microsoft Defender exclusions and scheduled tasks for irregularities and remain cautious about downloading tools from unofficial sources.

Winsage

March 2, 2026

NTLM is going away: what Microsoft’s phaseout means for MSPs and IT teams

The migration from NTLM to Kerberos authentication is essential for improving security in Windows systems, but it faces challenges such as legacy systems and hardcoded authentication. Organizations must identify NTLM usage, conduct testing with NTLM disabled, and make necessary adjustments or upgrades to migrate successfully. Ongoing monitoring is crucial post-migration to prevent NTLM from re-entering the network. NTLM is associated with significant security vulnerabilities and has been exploited by various threat groups, making its elimination a priority for organizations despite potential hesitations to invest in the migration process. Transitioning to Kerberos is seen as a strategic security investment.

Winsage

March 1, 2026

Hackers Abuse Windows File Explorer and WebDAV for Stealthy Malware Delivery

Cybercriminals are exploiting a legacy feature in Windows File Explorer, specifically the WebDAV protocol, to distribute malware and bypass traditional security measures. Despite Microsoft deprecating native WebDAV support in November 2023, it remains active on many systems. Attackers use WebDAV to deceive victims into executing malicious payloads by sending links that connect File Explorer directly to remote servers, avoiding web browsers and their security warnings. They employ methods such as direct linking, URL shortcut files, and LNK shortcut files to deliver exploits. The primary objective of these campaigns, which surged in late 2024, is to deploy Remote Access Trojans (RATs), with 87% of Active Threat Reports involving multiple RATs like XWorm RAT, Async RAT, and DcRAT. These campaigns predominantly target corporate networks in Europe, with many phishing emails written in German and English. Attackers use short-lived WebDAV servers hosted on Cloudflare Tunnel demo accounts to obscure their infrastructure. Security analysts are advised to monitor unusual network activity from Windows Explorer and educate users to verify addresses in File Explorer.

Winsage

March 1, 2026

Windows Package Manager 1.28.190 is final

Microsoft has launched WinGet 1.28.190, aligning its version number with App Installer to resolve discrepancies. The previous version 1.12.470 has been replaced by this update. Key changes include consistent directory separators for portable packages, compatibility of the –suppress-initial-details option with winget configure test, corrections to the experimental “font” property, and the introduction of the experimental sourceEdit feature, which allows users to set a source for package management. The update signifies a consolidation of versioning and enhances clarity for users and administrators.

Tech Optimizer

February 28, 2026

Migrate PostgreSQL from DigitalOcean to AWS

The video tutorial explores two methods for migrating PostgreSQL databases from DigitalOcean to AWS. The first method uses native PostgreSQL CLI tools (pg_dump and pg_restore) for smaller databases. The second method employs AWS Database Migration Service (DMS) for larger databases, allowing for a seamless transition with minimal downtime. Key steps in the DMS process include creating replication instances, setting up endpoints, and configuring migration tasks. The video is divided into chapters covering both migration methods.

AppWizard

February 28, 2026

Six Google Apps Emerge As Irreplaceable On Android

Many Android users seek alternatives to default applications, but six Google apps are deemed indispensable due to their speed, reliability, and integration. Google Keep allows for quick note-taking with features like labels, checklists, and real-time syncing across devices, boasting over 1 billion installs. The Google app serves as a central hub for various functions, providing seamless integration that enhances the Android experience. Google Maps excels as a navigation and discovery tool, with over 10 billion installs and features like offline maps and user-generated content. Android Auto offers a user-friendly interface for driving, becoming a standard feature in new vehicles. Google Photos backs up images effortlessly, with over 5 billion installs, and provides powerful search capabilities. NotebookLM allows users to input documents and web clippings for research, functioning as a research assistant. These six apps stand out for their unique combination of speed, scale, and integration, making them essential for Android users.