permission Archives

AppWizard

May 29, 2025

How to Manage App Permissions on your Android phone

Users can manage app permissions on Android devices by following these steps: 1. Open phone settings and select "Security and privacy." 2. Choose "Permission manager." 3. Tap "Start" on the intro screen. 4. Select a permission type to revoke or grant. 5. Tap the app to change its permission. 6. Deny permission by selecting "Don't allow" if the app already has access. While managing permissions is important, some apps require specific permissions to function properly, so users should be informed about the permissions they grant.

Tech Optimizer

May 29, 2025

Windows PCs at risk as new tool disarms built-in security

All modern Windows PCs come with Microsoft Defender, a built-in antivirus solution. A tool called Defendnot can disable Microsoft Defender by tricking Windows into believing another antivirus is active. It uses an undocumented API to register a counterfeit antivirus, which leads to Microsoft Defender being automatically disabled without user notification. Defendnot creates a scheduled task for persistence and allows customization of the antivirus name. It is a successor to a previous project, No-Defender, which was removed due to copyright issues. Currently, Microsoft Defender flags Defendnot as a threat.

AppWizard

May 29, 2025

Elon Musk’s xAI partners with messaging app Telegram in $300 million Grok deal

Elon Musk has launched xAI, aiming to uncover fundamental truths of the universe. The startup has partnered with Telegram, agreeing to a 0 million investment for the Grok AI chatbot. Telegram will receive the initial payment and 50% of revenue from xAI subscriptions sold through its platform. Telegram's CEO, Pavel Durov, mentioned that users can expect advanced AI technology by summer, although Musk later stated that "no deal has been signed." Telegram has over one billion monthly users as of 2025 and is preparing to raise at least .5 billion through a bond issue. Durov is under investigation in France for allowing criminal activities on Telegram and is restricted from leaving the country. xAI has merged with X, valuing the AI company at billion and the social media platform at billion. Grok faced criticism for generating controversial responses, which xAI attributed to an unauthorized modification. The company is working to improve Grok's transparency and reliability.

AppWizard

May 24, 2025

Vietnam orders ban on popular messaging app Telegram

Vietnam's Ministry of Science and Technology has accused the messaging app Telegram of not cooperating in addressing criminal activities conducted by its users. The ministry has instructed internet service providers to restrict Telegram's operations in the country, citing that nearly 70 percent of the 9,600 channels on the app disseminate harmful information and engage in illegal activities such as selling user data and drug trafficking. A Telegram representative stated the company has been timely in addressing legal requests from Vietnam and is processing a recent request. Despite the government's actions, Telegram was still accessible in Vietnam as of Friday. In Vietnam, approximately 11.8 million users use Telegram, while the app has nearly one billion users globally.

Winsage

May 23, 2025

The END of Support: Preparing for Windows 10 Transition » CBIA

Microsoft will end support for Windows 10 and Windows Server 2019 on October 14, 2025. After this date, Microsoft will no longer provide updates, including security patches and programming fixes, potentially increasing vulnerability to operational failures and cyber threats. Upgrading to Windows 11 may be possible at no additional cost if hardware meets minimum requirements. Companies should consider a migration strategy that balances costs and needs, possibly redistributing older devices for less demanding roles. For server upgrades, it is recommended to consolidate functionalities, utilize physical servers for virtual systems, assess company growth for informed investments, and prioritize redundancy through frequent backups.

Winsage

May 21, 2025

New Windows Server 2025 Attack Compromises Any Active Directory User

A significant security flaw, named BadSuccessor, has been discovered in Windows Server 2025, posing a serious risk to Active Directory users. This privilege escalation vulnerability allows attackers to compromise any user in Active Directory and is alarmingly easy to exploit, requiring only basic permissions on any organizational unit. Currently, no patch is available for this vulnerability. In 91% of environments examined, users outside the domain admins group had the necessary permissions to execute the attack. The exploit leverages the delegated Managed Service Account (dMSA) feature, enabling attackers to take control of any principal within the domain. Microsoft has rated the vulnerability as moderate severity and plans to address it in a future update, noting that elevated user permissions are required for successful exploitation. Organizations are advised to identify and eliminate unnecessary permissions to mitigate potential threats.

Winsage

May 21, 2025

Active Directory DMSA Attack Detailed By Researchers

The delegated Managed Service Account (dMSA) feature in Windows Server 2025 has a privilege escalation vulnerability that allows attackers to compromise any user in an Active Directory (AD) environment. Research by Yuval Gordon revealed that in 91% of examined environments, users outside the domain admins group had the necessary permissions to exploit this vulnerability. The attack can be executed with benign permissions on any organizational unit (OU) and does not require actual migration of accounts. Gordon's technique, called “BadSuccessor,” enables an attacker controlling a dMSA object to inherit the permissions and keys of any user, including those with high privileges. Microsoft has acknowledged the vulnerability but categorized it as a Moderate severity issue. Akamai recommends limiting the creation of dMSAs and tightening permissions until a patch is released.

BetaBeacon

May 21, 2025

Google just laid out its game plan to make you (and developers) care about Android XR

Google showcased how apps like Google Maps, Messages, Calendar, and Photos will function on Android XR glasses.

AppWizard

May 20, 2025

Preventing App-Based Threats on Android Devices

By 2025, the Android platform faces increasingly sophisticated app-based threats, including ransomware, fake apps, social engineering, and remote access attacks. Cybercriminals exploit Android's open architecture, prompting the need for advanced security measures. Android's security architecture includes: 1. Google Play Protect: Scans applications before installation using real-time machine learning to detect emerging malware and deceptive tactics. 2. Application Sandboxing: Isolates apps to prevent data access between them, utilizing Linux permissions and SELinux policies. 3. App Signing and Code Integrity: Requires cryptographic signatures for apps, complicating the introduction of rogue certificates and runtime modifications. Advanced protections include Runtime Application Self-Protection (RASP) for high-security apps, which monitors behavior in real time, and secure coding practices that encourage regular code reviews, strong authentication, and data encryption. User vigilance is crucial, emphasizing responsible downloading, limiting permissions, keeping software updated, enabling two-factor authentication, and being cautious with public Wi-Fi. Google continuously updates security measures, ensuring older devices receive new protections, while collaboration with the security community aids in identifying and countering emerging threats.

AppWizard

May 17, 2025

Mike Florio: NFL needs to start signing off on schedule-release videos

The Indianapolis Colts retracted their Minecraft-themed schedule announcement video due to a lack of proper copyright permissions from Microsoft and the inclusion of an insensitive clip featuring Tyreek Hill. The Los Angeles Chargers successfully used Minecraft imagery with permission from Microsoft. The New England Patriots featured Dave Portnoy in their video, raising questions about relations between the NFL and Barstool Sports. The NFL does not require teams to submit schedule-release videos for approval, a policy that has been criticized following the Colts' blunder. Pro Football Talk commentator Mike Florio suggested that the league should reconsider this approach to prevent similar issues.