passwords Archives

Tech Optimizer

August 21, 2025

New Malvertising Attack Spreads Crypto Stealing PS1Bot Malware

Cisco Talos researchers have identified a new malware framework called PS1Bot, active since early 2025, which spreads primarily through malvertising. PS1Bot is crafted using PowerShell and can steal sensitive information, log keystrokes, take screenshots, and gain unauthorized control over systems. It is capable of extracting passwords, browser cookies, and cryptocurrency wallet seed phrases. The malware operates stealthily using in-memory execution to avoid detection by antivirus software and checks for antivirus presence before launching attacks. It spreads through malicious online advertising, where users may download a compressed file containing the malware. Cisco Talos has noted ongoing enhancements to PS1Bot, with similarities to other malware families suggesting a connection among cybercriminals.

Winsage

August 21, 2025

LibreOffice 25.8 Open-Source Office Suite Officially Released, This Is What’s New

LibreOffice 25.8 has been released by The Document Foundation, supporting GNU/Linux, Android, macOS, and Windows. Key enhancements include up to 30% faster file opening times in Writer and Calc, support for exporting to PDF 2.0, optimized memory management, and improved scrolling for large documents. New features include a Viewer mode for read-only access, background images as bitmap thumbnails, SHA384 with AES_192 encryption, streamlined PDF signature timestamping, enhanced import capabilities for encrypted PDFs, and support for Bitcoin currency. Writer introduces a new Move Line hyphenation rule, improved text selection control, and collaborative features like per-window track changes. Calc adds new functions and customizable conditional formatting, while Impress improves font management for PowerPoint compatibility. The user interface features various enhancements, including a diacritic matching option and hyperlink insertion via the context menu. LibreOffice 25.8 is available for download, with support through seven maintenance updates until June 12, 2026.

AppWizard

August 21, 2025

Google is expanding a key anti-theft feature to make your apps more secure

Android's Identity Check feature will be enhanced in the Android 16 QPR2 update, requiring biometric-only authentication for apps using the biometric prompt, eliminating screen lock credentials as a fallback. This aims to improve security for sensitive applications by preventing unauthorized access, particularly in untrusted environments. The update expands Identity Check to more applications, ensuring that access necessitates biometric verification. Users can activate this feature through Settings on their Pixel devices. Future updates may allow the use of a smartwatch as a trusted unlock mechanism, bypassing biometric authentication when connected.

Tech Optimizer

August 19, 2025

Everyting About Postgres Security

Securing a PostgreSQL database involves following the Center for Internet Security (CIS) benchmarks, which include: 1. Installation and Patches: - Ensure PostgreSQL packages are obtained from authorized repositories, specifically the PostgreSQL Global Development Group (PGDG). - Enable systemd service files for managing PostgreSQL services. - Confirm that the data directory (PGDATA) is initialized properly. 2. Directory and File Permissions: - Set the correct file permissions mask to prevent unauthorized access. 3. Logging and Auditing: - Implement logging for monitoring and auditing purposes. 4. User Access and Authorization: - Review and configure sudo permissions to limit administrative access. 5. Connection and Login: - Avoid specifying passwords in the command line to prevent exposure in shell history or process lists. 6. PostgreSQL Settings: - Understand potential attack vectors and configure runtime parameters accordingly. 7. Replication: - Create a dedicated replication user with limited permissions. 8. Special Configuration Considerations: - Place PostgreSQL subdirectory locations outside the main data directory for enhanced security and manageability.

AppWizard

August 19, 2025

Android VPN apps used by millions are covertly connected AND insecure

Recent research from Arizona State University and Citizen Lab has identified connections among three families of Android VPN applications with over 700 million downloads, raising concerns about user privacy and security. The analysis revealed three groups of VPN providers: 1. Group A: Eight apps from three providers sharing identical Java code and libraries, exhibiting vulnerabilities such as: - Collecting location data against privacy policies. - Using weak encryption methods. - Hard-coded Shadowsocks passwords that could allow traffic decryption. 2. Group B: Eight apps from five providers supporting only the Shadowsocks protocol, sharing libraries and hard-coded passwords, with all servers hosted by GlobalTeleHost Corp. 3. Group C: Two providers with one app each, using a custom tunneling protocol and sharing similar code, vulnerable to connection inference attacks. The research highlighted significant privacy breaches, including undisclosed location data collection and vulnerabilities that could allow eavesdroppers to decrypt communications. Alarmingly, these VPN providers are linked to Qihoo 360, a Chinese company that has concealed this connection, raising concerns about potential data sharing with the government due to China's strict laws. Additionally, the Tech Transparency Project found that many free VPN apps on the Apple App Store are also linked to companies in mainland China or Hong Kong without disclosing these ties.

TrendTechie

August 18, 2025

Медиа-сервер на основе Telegram-бота / Питонист пробует Go

The project involved creating a Telegram bot to streamline the process of downloading and viewing movies in a home theater setup. The bot integrates with DLNA technology, allowing films to be played on various devices within a home network. Key functionalities include downloading films from torrents and streaming sites, automatic re-encoding for compatibility with older televisions, download monitoring, file management, and a role-based access system. The bot supports multiple languages and can issue temporary access for guests. Initially developed in Python, the bot was later rewritten in Go for better performance and compatibility across hardware platforms. It requires at least 1 GB of RAM and a Linux operating system to function effectively. The source code is available on GitHub.

AppWizard

August 15, 2025

Facebook Messenger Hacked? Here’s How to Secure Your Account

Facebook Messenger has raised concerns about unauthorized access to user chats. Signs of unauthorized access include: receiving messages from unknown contacts, login times when the user was not online, changes to account settings such as password changes or alterations to privacy settings, chats marked as read without the user opening them, and warnings from Facebook about suspicious activities. Users are advised to regularly check their account for unfamiliar devices, monitor connected applications for unusual activity, and take proactive security measures like installing security software, logging out of all devices, changing passwords, and enabling two-factor authentication.

Tech Optimizer

August 15, 2025

The best antivirus software 2025

Antivirus software enhances security for desktop PCs, laptops, and mobile devices, protecting against threats like phishing, ransomware, and malware. Modern solutions provide alerts for untrusted websites and conduct regular scans. Bitdefender Total Security is recommended as the top antivirus, compatible with multiple platforms and offering features like anti-phishing protection and a built-in VPN. Norton Antivirus Plus provides real-time protection for one device and includes a firewall and cloud backup. McAfee offers antivirus protection across various platforms with additional features like a VPN and password manager. Surfshark provides basic antivirus functionality within its VPN packages. ESET Protect is tailored for small to medium-sized businesses, offering customizable security solutions. AVG offers a robust free antivirus option with thorough scanning capabilities. Prices for these antivirus solutions vary, with some offering free plans and others requiring annual subscriptions.

AppWizard

August 14, 2025

This Spyware Campaign Is Targeting Android Users Via Messaging Apps

A new spyware campaign targeting Android users, identified as LunaSpy, has been reported by cybersecurity firm Kaspersky and is believed to have been operational since at least February 2025. This malware disguises itself as antivirus software delivered through messenger applications. It can record audio and video, access texts, call logs, and contacts, execute shell commands, steal passwords, track locations, and record the device screen. LunaSpy spreads primarily through messenger platforms like Telegram, where users receive messages urging them to install the app. Users are advised to download applications only from official sources like the Google Play Store and to be cautious with third-party sources. They should also block installations from unknown sources, review app permissions, and uninstall any suspicious applications immediately. A factory reset can remove malware if necessary, provided important data is backed up.

Tech Optimizer

August 14, 2025

Beware of this Android antivirus. It actually steals data, records audio, and tracks you

LunaSpy is a deceptive antivirus application that spreads primarily through Telegram and is not available on the official Google Play Store. It masquerades as a legitimate antivirus program, claiming to protect online banking activities. Upon installation, it conducts a superficial scan and displays false warnings to instill fear, prompting users to grant extensive permissions. Once installed, it can invade personal data, access banking information, record audio and video, steal passwords, read SMS messages, track locations, and has been found to include a command for photo theft. Users are advised to avoid downloading LunaSpy and to exercise caution with applications from social networks or unofficial sources, relying instead on verified antivirus solutions from official app stores.