phishing attacks Archives

Tech Optimizer

July 2, 2025

NordVPN blocks 90% of phishing sites and earns AV-Comparatives certification

NordVPN's Threat Protection Pro feature has successfully blocked 90% of phishing websites in independent testing by AV-Comparatives, making it the only VPN with certified phishing protection. This feature has been recognized for two consecutive years for its effectiveness in detecting phishing attempts, surpassing the 85% threshold required for certification. Threat Protection Pro is available to subscribers of NordVPN Plus, Complete, and Ultra plans, while Basic tier users only have access to a DNS filter. NordVPN has also ranked third among 35 competitors for avoiding online shopping scams in 2024 and achieved a 99.8% malware protection rate according to testing by West Coast Labs.

Tech Optimizer

July 1, 2025

Avast or Bitdefender? The Free Antivirus Battle You Need to Know About

Avast and Bitdefender are prominent cybersecurity firms known for their high-quality free antivirus solutions. Bitdefender: - Excellent protection in the free version. - Simple installation and use. - Lightweight and fast performance. - Provides both definition-based and behavioral protection. - Protects against viruses, spyware, ransomware, Trojans, and phishing. - Requires users to create a free account before installation. - Includes anti-phishing and anti-fraud features. - Offers yearly version releases and continual updates. Avast: - Excellent free protection. - High-quality protection against various threats. - Clean interface with smooth performance. - Provides definition-based and behavioral protection. - Protects against viruses, spyware, ransomware, Trojans, and phishing. - Installation is quick and unobtrusive. - Offers additional features like a password vault and Wi-Fi protection. - Provides yearly version releases and continual updates. Both antivirus solutions are compatible with Windows, Mac, iOS, and Android devices, and they do not rely on static versions, ensuring continuous enhancements and current virus definitions.

Tech Optimizer

June 28, 2025

Norton AntiVirus Plus for Mac

Windows is the primary target for malware attacks, leading to a focus on antivirus applications for the platform, while macOS users have fewer options. Norton AntiVirus Plus for Mac offers robust cross-platform protection and has received perfect scores from independent testing labs, excelling in phishing protection. It is priced at approximately .99 annually for a single license and .99 for a five-license subscription. Norton supports the latest three macOS versions: Sequoia (15), Sonoma (14), and Ventura (13). The Gen stack, a new antivirus engine, consolidates technology from Norton, Avast, and AVG, ensuring consistent performance. Norton achieved a perfect score of 18 points in independent testing, with a 100% detection rate for Mac malware and Windows-specific threats. It offers flexible scanning options, with quick scans completing in 30 seconds and full scans in 27 minutes. Norton has a 100% detection rate for phishing sites and includes a smart firewall and intrusion prevention system. Its password manager offers basic functions but lacks advanced features. Norton Genie is an AI-based scam detection tool integrated into the ecosystem. The software includes performance improvement tools like File Cleanup and Startup Manager, but privacy components require separate purchases.

Winsage

June 24, 2025

FileFix attack weaponizes Windows File Explorer for stealthy commands

A cybersecurity researcher named mr.d0x has introduced a new attack method called FileFix, which is a variant of the ClickFix social engineering attack. FileFix allows malicious actors to execute harmful commands on a victim's system through the Windows File Explorer address bar, rather than using the traditional method of pasting commands into PowerShell. The attack still relies on a phishing page, which masquerades as a notification about a shared file, prompting users to paste a path into File Explorer. Attackers can conceal the malicious PowerShell command by embedding it within a dummy file path in a comment, making it invisible in the address bar. Mr.d0x has also implemented measures in the proof-of-concept code to prevent users from selecting files during the attack. The ClickFix method has been effective in deploying malware, including ransomware and state-sponsored operations, with notable examples involving the North Korean hacker group Kimsuky and cybercriminals impersonating Booking.com. FileFix represents an evolution in phishing attacks by providing a more user-friendly interface for executing commands.

Winsage

June 20, 2025

Microsoft 365 brings the shutters down on legacy protocols

Microsoft will block legacy authentication methods by default in Microsoft 365 starting mid-July 2025 through August as part of its Secure Future Initiative. The notification, MC1097272, emphasizes the need for organizations to adapt their systems due to the vulnerabilities of legacy protocols, such as the Remote PowerShell (RPS) protocol for SharePoint and OneDrive, and the FrontPage Remote Procedure Call (RPC) protocol. Additionally, Microsoft will require administrator consent for third-party applications accessing organizational files and sites, shifting the responsibility from users to administrators to enhance security. These changes will apply universally across all Microsoft 365 tenants.

Winsage

June 20, 2025

Microsoft 365 brings the shutters down on legacy protocols

Microsoft will implement default settings in Microsoft 365 starting mid-July 2025 that block legacy authentication protocols as part of its Secure Future Initiative. Legacy authentication methods, including the Remote PowerShell (RPS) protocol for SharePoint and OneDrive, and the FrontPage Remote Procedure Call (RPC) protocol, will be phased out due to their vulnerability to attacks. Additionally, administrator consent will be required for third-party applications seeking access to organizational files and sites, which may disrupt existing workflows. All changes will be applied by default across all Microsoft 365 tenants.

Winsage

June 20, 2025

Old tech is getting the boot inside Windows and Microsoft 365

Microsoft is removing obsolete drivers from Windows Update, starting with those that have modern replacements. Older drivers will be allowed to expire, and partners can republish them only with justification. After a six-month grace period for feedback, outdated drivers will be permanently removed if no issues are raised. This cleanup is part of a recurring process to enhance security and streamline drivers for users. In Microsoft 365, outdated authentication protocols will be blocked by default starting in July 2025, requiring administrator approval for third-party app access. The first protocols to be discontinued include outdated browser authentication methods for SharePoint and OneDrive accessed via Remote PowerShell, as well as the FrontPage Remote Procedure Call protocol. Third-party applications will need explicit administrator permission to access files and sites, which may disrupt existing workflows.

Tech Optimizer

June 13, 2025

It’s time to stop believing these lies about antivirus software

The proliferation of social media misinformation, deep fakes, and sophisticated phishing attacks has made online safety challenging. Many individuals hold outdated beliefs about cybersecurity, such as the myth that Macs are immune to viruses and that caution alone can replace antivirus software. Regardless of the operating system, using a robust antivirus program is recommended, as built-in security features are not foolproof. Third-party antivirus software can provide additional functionalities like parental controls and VPN services, but they are not a complete safety net. Users must remain vigilant and practice good cybersecurity hygiene, including regular scans, strong passwords, and recognizing phishing attempts. Modern antivirus programs have become more user-friendly and less resource-intensive. Some malware can operate stealthily, making detection difficult, which emphasizes the need for regular scans and monitoring personal accounts for unusual activity. Antivirus protection should extend to mobile devices as well, as they are also vulnerable to cyber threats. Users should check if their antivirus program covers mobile devices and familiarize themselves with security settings on their smartphones.

Tech Optimizer

June 4, 2025

I put McAfee and Norton head-to-head in an antivirus showdown, and the results were quite surprising

McAfee and Norton are two leading antivirus providers known for their robust online safety solutions. Both offer essential security features such as real-time threat detection, firewall protection, identity theft protection, VPN services, password management, and parental controls, but they differ in implementation. McAfee uses advanced machine learning for real-time threat detection but has a higher rate of false positives and shows room for improvement against ransomware and phishing. Norton excels in malware detection and has a strong performance against ransomware, blocking 95% of phishing links in tests. McAfee's firewall monitors incoming threats and protects connected devices, while Norton’s firewall prevents untrusted applications from accessing the internet with extensive configuration options. In identity theft protection, McAfee offers comprehensive features with live agent support, whereas Norton partners with LifeLock for enhanced services, including credit monitoring and up to one million dollars in compensation for identity theft losses. McAfee provides unlimited VPN access with basic functionality, while Norton’s VPN includes advanced features like split tunneling and a kill switch. Both include password managers, but McAfee's lacks some functionalities, whereas Norton’s is user-friendly and supports data import from other managers. For parental controls, McAfee allows website blocking and app restrictions, while Norton offers detailed content filtering and monitoring of online activities. In system performance, both have received high marks, with McAfee showing a superior impact score in tests. User experience varies, with McAfee being more accessible for non-technical users and Norton catering to more experienced individuals. Recent testing indicates both effectively blocked nearly all threats, but McAfee had more false positives. Both brands received high ratings from SE Labs for protection and accuracy. The choice between them depends on individual needs, with McAfee being user-friendly and Norton offering advanced features and enhanced identity protection.

Tech Optimizer

June 3, 2025

How we test antivirus software

Robust antivirus software is essential for protecting sensitive data in personal and business contexts. Different antivirus solutions vary in malware detection and overall protection. The ideal antivirus balances comprehensive coverage with system performance. Resources like AV-Comparatives and AV-Test provide impartial testing of antivirus capabilities, including real-world protection tests and evaluations of false alarms. Performance and customer support are critical factors in antivirus software evaluation. The impact on device speed and resource consumption is important, as is the quality of customer support for troubleshooting. Reliable support options enhance user satisfaction. Thorough testing of antivirus software is crucial due to the evolving tactics of cybercriminals. Not all antivirus solutions are equally effective, and rigorous evaluation helps identify subpar options and false positives. Free antivirus options may suffice for casual users, but premium versions often offer better features and protections. Meticulous testing ensures that security software meets its promises and helps users make informed decisions.