PDF Archives

Winsage

March 29, 2025

Announcing Windows 11 Insider Preview Build 26200.5516 (Dev Channel)

Windows 11 Insider Preview Build 26200.5516 (KB5054687) has been released to the Dev Channel. The Dev Channel has transitioned to the 26200 series builds, closing the opportunity to switch to the Beta Channel. The 26200 series is based on Windows 11, version 24H2. Enhancements to Windows Search for AMD and Intel®-powered Copilot+ PCs include semantic indexing for more intuitive searches, allowing users to find documents, photos, and settings using natural language. Users can manage indexed locations in Settings and the feature supports multiple languages and document formats. The improved Windows Search can also locate cloud-stored photos, with users needing to sign into OneDrive for access. A new feature called speech recap has been introduced in Narrator, allowing users to track what has been spoken and providing quick access to the last 500 strings spoken. A streamlined UI for unexpected restarts is being previewed. The Copilot can now be launched with Win + C, and users can personalize their experience through Settings. Click to Do is available from the Start menu and supports intelligent text actions in multiple languages. The Windows share window now includes a visual preview for shared links and image editing capabilities. Several fixes have been made to improve performance and address issues in Taskbar, File Explorer, Login and Lock, Windowing, and Settings. Known issues include problems with Recall and File Explorer crashes for some users. Windows Insiders in the Dev Channel receive updates based on Windows 11, version 24H2, and feature rollouts are monitored for feedback.

AppWizard

March 28, 2025

PJobRAT makes a comeback, takes another crack at chat apps

In 2021, PJobRAT, an Android Remote Access Trojan (RAT), targeted Indian military personnel through deceptive apps. A new campaign was discovered in 2023, focusing on users in Taiwan, with malicious apps like ‘SangaalLite’ and CChat disguised as instant messaging applications. These apps were available for download from WordPress sites, which have since been taken down. The campaign began in January 2023, with domains registered as early as April 2022, and the latest sample detected in October 2024. The number of infections was low, indicating a targeted approach rather than a broad attack. The distribution methods remain unclear, but may involve SEO poisoning, malvertising, or phishing. Once installed, the apps request extensive permissions and feature basic chat functionality. Recent versions of PJobRAT have shifted from stealing WhatsApp messages to executing shell commands, allowing greater control over compromised devices. PJobRAT communicates with its command-and-control (C2) servers using Firebase Cloud Messaging (FCM) and HTTP, enabling the upload of various data types, including SMS, contacts, and files. The now inactive C2 server was located in Germany.

Winsage

March 25, 2025

Semantic Search Rolls Out to Windows 11, But You Probably Can’t Use It

Microsoft is rolling out its Semantic Search feature to Windows Insiders Beta in Preview Build 26120.3585 (KB5053644). This feature enhances user experience by enabling intuitive searches across files, settings, and applications, integrated into the Start menu and Settings. Users can conduct contextual searches by typing related keywords, retrieving relevant documents and images easily. Semantic Search also extends to the cloud, allowing searches for matching files in OneDrive. It is exclusive to Copilot+ PCs, utilizing advanced Neural Processing Units (NPUs), and supports multiple languages and various file formats.

Winsage

March 25, 2025

Announcing Windows 11 Insider Preview Build 26120.3585 (Beta Channel)

Windows 11 Insider Preview Build 26120.3585 (KB5053644) has been released to the Beta Channel for Windows Insiders on Windows 11, version 24H2. The build introduces improved Windows Search for AMD and Intel®-powered Copilot+ PCs, featuring local semantic search that allows users to find documents, photos, and settings using natural language. Users can search for local files and cloud-stored photos by describing their content. This feature is available for personal OneDrive accounts and will support third-party cloud services in the future. Fixes include enhanced performance for extracting zipped files in File Explorer, adjustments to the web sign-in icon, and resolution of issues causing slow closure of File Explorer. Known issues include difficulties with Recall and crashes in Settings and File Explorer for some users. A reboot may be necessary to activate the improved Windows Search features.

Tech Optimizer

March 25, 2025

What the Tech? Avoiding malware threats

The ABC 6 News Team reports on the Infostealer malware, which has compromised over 2 billion credentials by using fake websites to trick users into providing sensitive information. Infostealer targets searches for free software, cracked software, game cheats, and activation tools, employing tactics such as search engine ads, SEO manipulation, social media promotions, and typosquatting to lure victims. Once installed, Infostealer can steal passwords, credit card information, cryptocurrency wallet data, and personal information. To mitigate risks, users are advised to download software from reputable sources, be cautious of offers that seem too good to be true, install robust antivirus software, enable ad blockers, verify URLs, use multi-factor authentication, keep software updated, and stay informed about cybersecurity threats. Additionally, users can check if their email addresses or passwords have been involved in data breaches at www.haveibeenpwned.com.

AppWizard

March 22, 2025

Nasty Android apps that steal credit cards and passwords downloaded 60 million times

Over 331 applications on the Google Play Store have been identified as potentially compromised by a widespread malware campaign, which has affected millions of Android devices. These malicious apps can steal sensitive information, including passwords and credit card details, and have accumulated over 60 million downloads globally. They often disguise themselves as benign utility applications, such as QR code scanners and fitness tools, and generate revenue through intrusive advertisements. The malware campaign began in April 2024, with many apps initially appearing benign before being updated with malicious components. Some apps can hide their icons and bypass Android security measures, making detection difficult. Victims are primarily located in Brazil, the United States, Mexico, Turkey, and South Korea. Despite Google's efforts to remove many of these apps, some remain active, and users must take proactive measures to protect their devices.

AppWizard

March 20, 2025

Signal Messenger Exploited in Targeted Attacks on Defense Industry Employees

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned about targeted cyberattacks against employees in the defense-industrial complex and members of the Defense Forces of Ukraine, which have been ongoing since at least summer 2024 and have intensified recently. Attackers are using the Signal messenger app to distribute malicious files by compromising trusted contacts' accounts. In March 2025, CERT-UA observed that attackers were sending archived messages through Signal, which included a PDF and an executable file called DarkTortilla, designed to activate the DarkCrystal RAT (DCRAT) software. The focus of these deceptive messages has shifted to critical topics like unmanned aerial vehicles (UAVs) and electronic warfare equipment. CERT-UA has labeled this activity UAC-0200 and advises reporting any suspicious messages immediately. They have also compiled indicators related to the attacks, including specific file hashes, IP addresses, and URLs linked to the attackers' infrastructure.

Tech Optimizer

March 20, 2025

What the Tech: Stolen passwords

Infostealer is a type of malware that has stolen over a billion credentials, posing significant risks such as identity theft and financial fraud. It targets users through specific search terms related to free software, cracked software, game cheats, and activation tools. Cybercriminals use tactics like search engine ads, SEO manipulation, social media promotions, and typosquatting to direct users to malicious sites. Once infected, Infostealer can steal saved passwords, credit card information, cryptocurrency wallet data, and personal information. To mitigate risks, individuals should download software from reputable sources, be cautious of too-good-to-be-true offers, install robust antivirus software, enable ad blockers, verify URLs, use multi-factor authentication, keep software updated, and educate themselves about cybersecurity threats. Additionally, checking for compromised email addresses or passwords at www.haveibeenpwned.com is recommended.

AppWizard

March 19, 2025

Google’s Gemini Gets Two of Its Coolest New Features: Canvas and…

Gemini has introduced new features called Canvas and Audio Overviews to enhance user experience and collaboration. Canvas allows users to create and edit documents collaboratively, enabling tasks like drafting speeches from notes and generating coding projects with explanations. Users can access Canvas through the "Canvas" button in the "Ask Gemini" box on the web. Audio Overviews enable users to upload documents and convert them into audio clips, making information accessible in a podcast-like format. Both features are available globally for Gemini and Gemini Advanced subscribers.

Tech Optimizer

March 18, 2025

FBI: Free file converter sites and tools deliver malware

Malware peddlers are targeting users searching for free file converter services, as reported by the FBI’s Denver Field Office. Cyber criminals use deceptive websites that promise file conversion but may deliver malware, allowing unauthorized access to victims' computers and extracting personal identifying information (PII), banking details, and passwords. Users are advised to keep antivirus software updated and scan downloaded files. A list of flagged domains includes: - Imageconvertors[.]com (Phishing) - Convertitoremp3[.]it (Riskware) - Convertisseurs-pdf[.]com (Riskware) - Convertscloud[.]com (Phishing) - Convertix-api[.]xyz (Trojan) - Convertallfiles[.]com (Adware) - Freejpgtopdfconverter[.]com (Riskware) - Primeconvertapp[.]com (Riskware) - 9convert[.]com (Riskware) - Convertpro[.]org (Riskware) Users affected by malware are encouraged to contact their financial institutions and change passwords.