persistence Archives

Tech Optimizer

April 23, 2026

Take Control: Customer-Managed Keys for Lakebase Postgres

Encryption at rest is essential for cloud environments, especially in regulated sectors. Lakebase offers Customer Managed Keys (CMK), allowing organizations to control their encryption keys from preferred Key Management Services (KMS) like AWS KMS, Azure Key Vault, or Google Cloud KMS. Lakebase CMK manages both persistent storage and ephemeral compute, ensuring data security. Lakebase's architecture separates storage and compute layers, enabling elastic scaling and serverless operations. The storage layer maintains persistent data, while the compute layer consists of dynamic Postgres instances. This separation poses encryption challenges, addressed by Lakebase CMK through a hierarchical Envelope Encryption model. The key hierarchy includes: 1. Customer Managed Key (CMK): The Root of Trust in the cloud KMS, never accessed in plaintext by Databricks. 2. Key Encryption Key (KEK): A transient key for wrapping data keys. 3. Data Encryption Keys (DEKs): Unique keys for each data segment, stored in an encrypted state. When data access is needed, Lakebase retrieves DEKs by unwrapping keys from the KMS. If a key is revoked, access to the data is denied, and ephemeral compute instances are terminated. In practice, CMK applies to: 1. Persistence Layer (Storage): All data segments are encrypted with keys controlled by the CMK. 2. Ephemeral Layer (Compute): Each compute instance generates a unique ephemeral key, and upon revocation, the instance is terminated, destroying in-memory keys. CMK implementation follows a delegation model, allowing Security Admins to manage keys without accessing data. The process includes key configuration, workspace binding, and lifecycle management. Key rotation is seamless, requiring no data re-encryption. All cryptographic operations involving the CMK are logged by the cloud provider's audit service. Lakebase CMK is available for Enterprise tier customers, allowing organizations to manage their encryption keys effectively.

Winsage

April 20, 2026

Microsoft is going after every part of Windows 11’s legacy UI in major design update

Microsoft plans to revamp various design elements of Windows 11, including the "Installing Windows 11" screen, which has been criticized for being functional but misaligned with the overall aesthetic. The design director indicated that while this screen is not a priority, it remains on their agenda. Windows 11 still contains legacy UI features, with some interfaces resembling Windows 8 and even Windows 3.1. Microsoft is migrating all Control Panel settings to the Windows 11 Settings app, but faces challenges due to the need to ensure compatibility with various network and printer devices and drivers. The company is taking a careful approach to this transition.

Winsage

April 20, 2026

Windows 11 to get a major reliability update in May with faster clipboard, stable taskbar, storage and more

Microsoft has released new Insider builds for Windows 11 across various channels, focusing on enhancing reliability and performance. Key components receiving updates include: 1. File Explorer: Improved speed and reliability, retaining customized folder views. 2. Settings App: Enhanced navigation and consistency, particularly in the Installed Apps page and Privacy & Security section. 3. Drop Tray: Optimized for better usability during multitasking. 4. Clipboard History: Performance enhancements to reduce access delays. 5. Storage Settings: Improved performance for large storage volumes, enabling instant loading of the Disks & Volumes page. 6. Windows Hello: Enhanced fingerprint and face recognition reliability, maintaining biometric data across upgrades. 7. Input and Voice Dictation: Improved keyboard navigation and persistent voice typing settings. 8. Startup Applications: Refined performance and memory management for faster boot times. 9. Display, Audio, and Font Rendering: Better stability and compatibility for color profiles, audio drivers, and font legibility. 10. Security Enhancements: Improved trust model for third-party drivers and command-line scripts. These updates are expected to be available to regular users in the upcoming April optional update and the mandatory May security update.

Tech Optimizer

April 18, 2026

Avast Antivirus: Free Protection Faces Premium Competition Pressure

Avast Antivirus offers a free version with features like real-time scanning, malware detection, a ransomware shield, and network security, appealing to budget-conscious users on multiple platforms. It has a lightweight design, regular updates, and community-driven threat intelligence. Gen Digital acquired Avast in 2022 and integrated it into its cybersecurity portfolio, focusing on transitioning users from free to premium services and emphasizing AI-driven threat detection. Avast faces competition from free alternatives like Windows Defender and premium solutions such as Bitdefender and Kaspersky, while regulatory scrutiny affects all providers. The demand for antivirus tools is driven by rising ransomware attacks and data breaches, with remote work increasing the need for endpoint protection. Risks for users include performance issues on older devices, false positives, data privacy concerns, and potential subscription traps. Future updates may incorporate more AI features, and partnerships with hardware manufacturers could expand Avast's market reach.

Winsage

April 16, 2026

Fake Proton VPN sites are pushing NWHStealer malware to Windows users

A malware campaign is utilizing counterfeit Proton VPN websites and other deceptive tactics to distribute a Windows infostealer known as NWHStealer. This malware extracts sensitive information, including browser credentials and cryptocurrency wallet details, and operates stealthily by injecting itself into legitimate processes. Two primary infection vectors have been identified: malicious ZIP archives on a free web hosting platform and trojanized installers from fake Proton VPN sites. The malware employs DLL hijacking and can exfiltrate data to a command-and-control server while ensuring persistence through scheduled tasks and disguising payloads as legitimate system processes. It also exploits the Windows cmstp.exe utility to bypass User Account Control. Users are advised to avoid downloading software from unofficial sources and to verify file signatures and publisher information.

Winsage

April 15, 2026

Windows Update Warning: Fake Windows 11 24H2 Site Pushes Password-Stealing Malware

A sophisticated fake Windows update site has emerged, designed to mimic Microsoft’s branding to distribute malware, specifically targeting individuals seeking early access to Windows 11 version 24H2. The fraudulent site resembles a legitimate cumulative update download page, using familiar design elements to evade detection. The malware operates as an information-stealing entity, targeting saved passwords and browser sessions, potentially bypassing two-factor authentication. It transmits stolen credentials through encrypted channels to external servers. The installer uses legitimate packaging tools to minimize detection and employs obfuscated scripts within legitimate software components. The campaign modifies system startup entries and creates disguised shortcuts to maintain persistence. Researchers noted the use of a typosquatted domain and meticulously spoofed file properties. As of April 2026, Microsoft has not released Windows 11 version 24H2 to the public, and legitimate updates are only available through Windows Update. Users are advised to obtain updates exclusively through official channels and keep security features updated.

Tech Optimizer

April 14, 2026

Fake Windows 11 24H2 Update Site Distributes Password-Stealing Malware

A recent discovery by Malwarebytes has identified a cyber threat involving a typosquatted domain that mimics official Microsoft support pages. This site uses authentic branding and KB-style reference numbers to deceive users into downloading what appears to be a legitimate cumulative update. The malware, once installed, operates stealthily, stealing passwords from browsers and active sessions, which allows attackers to bypass two-factor authentication. The stolen data is sent to external servers through encrypted channels. Initial scans showed zero detections by multiple antivirus engines due to the malware's obfuscated scripts. It also modifies system startup entries and creates disguised shortcuts for persistence. Microsoft has not yet released Windows 11 version 24H2 to general users, and updates should only be obtained through official channels to avoid potential threats.

Winsage

April 13, 2026

Stealthy Malware Campaign Uses Fake Windows Update Site To Infect PCs

A new malware campaign targets Windows users by using a fraudulent clone of a Microsoft website to steal sensitive information. Victims are directed to a typo-squatted web address that resembles an official site, where they are prompted to download a file named WindowsUpdate 1.0.0.msi. This file uses a legitimate open-source installer framework and incorporates Electron, JavaScript, and Python, making it difficult to detect; VirusTotal showed zero detections across 69 engines. The malware maintains persistence by modifying the Windows registry and placing a shortcut named Spotify.lnk in the startup folder. Currently, the campaign primarily targets French-speaking users, but similar tactics may spread to other regions. Users are advised to apply updates only through the Windows Update feature in the Settings menu.

Tech Optimizer

April 13, 2026

Fake Claude site installs malware that gives attackers access to your computer

Claude, an AI tool developed by Anthropic, receives nearly 290 million web visits monthly and has become a target for cybercriminals. A fake website has been found that impersonates Claude, distributing a trojanized installer named Claude-Pro-windows-x64.zip. This installer, while appearing legitimate, deploys PlugX malware, granting attackers remote access to users' systems. The fraudulent site mimics the official download page and uses passive DNS records linked to commercial bulk-email platforms, indicating active maintenance by the operators. The ZIP file contains an MSI installer that incorrectly spells "Claude" as "Cluade" and creates a desktop shortcut that launches a VBScript dropper. This script runs the legitimate claude.exe while executing malicious activities in the background, including copying files to the Windows Startup folder to ensure persistence after reboot. The attack utilizes a DLL sideloading technique recognized by MITRE as T1574.002, where a legitimate G DATA antivirus updater is exploited with a malicious DLL. Within 22 seconds of execution, the malware establishes a connection to an IP address associated with Alibaba Cloud, indicating control over the compromised system. The dropper script also employs anti-forensic measures to delete itself and the VBScript after deployment. Indicators of compromise include the filenames Claude-Pro-windows-x64.zip, NOVUpdate.exe, avk.dll, and NOVUpdate.exe.dat, along with the network indicator 8.217.190.58:443 (TCP) as the command and control destination. Users are advised to download Claude only from the official site and to remain vigilant against potential compromises.

AppWizard

April 12, 2026

This developer squeezed a full Minecraft server onto an ESP32, and it actually works

A developer named angelthebox has created a Minecraft server called Macerun that runs on the ESP32-S3 microcontroller, using Minecraft version 1.16.5 rewritten in C. Key features include the ability for players to join the server, explore the world, place and break blocks, procedural world chunk generation, basic crafting mechanics with 2x2 recipes, in-game chat, and tracking of basic physics, health, and hunger. Changes to blocks are saved to the chip's flash memory. However, the server lacks mobs, 3x3 crafting recipes, and the ability to retain player inventories and positions after exiting. The source code is available on the Macerun GitHub page.