Poland Archives

AppWizard

May 23, 2025

The One UI 8 beta might just be around the corner for your Galaxy S25

Samsung's One UI 8 beta, based on Android 16, has debuted in the Samsung Members app, with a release expected this summer alongside new foldable smartphones. The beta banner has been spotted on Galaxy S25 devices in regions including the U.S., Germany, Poland, India, and Korea. An official notice in the Members app has outlined steps for testers to prepare for the beta installation. The beta program page is live for Germany and Korea, although registrations are not yet open. Users have begun exploring One UI 8 features, including an enhanced audio feature called Audio Brief and a redesigned weather app with interactive 3D avatars.

AppWizard

May 20, 2025

The 14 most underappreciated games of the last year that you shouldn’t have ignored

Skin Deep: Released on December 5th, 2024; Steam reviews: Very Positive (771); Peak player count: 953. Loco Motive: Released on November 21st, 2024; Steam reviews: Very Positive (659); Peak player count: 336. Straftat: Released on October 24th, 2024; Steam reviews: Overwhelmingly Positive (7523); Peak player count: 960; Price: Free on Steam. Penny’s Big Breakaway: Released on February 21st, 2024; Steam reviews: Very Positive (800); Peak player count: 228. Solium Infernum: Released on February 22, 2024; Steam reviews: Very Positive (1,362); Peak player count: 1,108. MechWarrior 5: Clans: Released on October 17th, 2024; Steam reviews: Mostly Positive (4303); Peak player count: 5,548. Xenotilt: Released on November 12th, 2024; Steam reviews: Overwhelmingly Positive (594); Peak player count: 81. Anton Blast: Released on December 3rd, 2024; Steam reviews: Overwhelmingly Positive (2919); Peak player count: 1,104. The Thaumaturge: Released on March 4th, 2024; Steam reviews: Very Positive (2866); Peak player count: 2,733. Still Wakes the Deep: Released on June 18th, 2024; Steam reviews: Very Positive (5639); Peak player count: 729. Dungeons of Hinterberg: Released on July 18th, 2024; Steam reviews: Very Positive (1597); Peak player count: 486. Drova: Forsaken Kin: Released on October 15th, 2024; Steam reviews: Overwhelmingly Positive (6618); Peak player count: 2,717. 1000xRESIST: Released on May 9th, 2024; Steam reviews: Overwhelmingly Positive (3471); Peak player count: 278.

AppWizard

May 18, 2025

Czech mayor gifts $200 Kingdom Come: Deliverance 2 collector’s edition to country’s Prime Minister, elevating the game alongside the Witcher 2 in the company of CRPG state gifts

Warhorse Studios, known for Kingdom Come: Deliverance 2, received recognition during a government visit in Kuttenberg, where Mayor Lukáš Seifert presented Czech Prime Minister Petr Fiala with a Collector’s Edition of the game. This edition includes a detailed cloth map, a letter opener, a statue of the protagonist Henry on horseback, enamel pins, a crafted letter, and illuminated manuscript collectible cards. The presentation drew comparisons to a similar gift of The Witcher 2 given to former President Barack Obama, which included a bust of Geralt, a dice poker set, and an art book, all signed by the development team at CD Projekt Red. Prime Minister Fiala received a PS5 version of Kingdom Come: Deliverance 2, while Obama received a PC version. The game has been well-received, earning a 90% rating from PCG, which described it as "a new RPG classic."

AppWizard

April 24, 2025

Trojanized Alpine Quest app geolocates Russian soldiers

Russian soldiers are facing a digital threat from a modified Android application, Alpine Quest, which has been tampered with to track their locations and extract sensitive information. The malware, known as Android.Spy.1292.origin, was embedded in an older version of the app and distributed as a free upgrade to Alpine Quest Pro via a fraudulent Telegram channel. Once installed, the trojan collects various types of information, including geolocation, downloaded files, phone numbers, and app versions, and can download additional modules to exfiltrate specific files. Additionally, researchers at Kaspersky discovered a backdoor hidden in counterfeit software updates for ViPNet, a secure networking suite. The malware, disguised as msinfo32.exe, connects to a command-and-control server to steal files and deploy more malicious components. On the Ukrainian side, Russian operatives are conducting a phishing campaign targeting Ukrainian officials and allies, using social engineering tactics to hijack Microsoft 365 accounts. Attackers contact victims via messaging apps, invite them to video calls, and trick them into providing OAuth codes, granting access to their accounts.

Winsage

April 19, 2025

Windows vulnerability with NTLM hash abuse exploited for phishing

A vulnerability in Windows, identified as CVE-2025-24054, is being exploited in phishing campaigns targeting government and private organizations. Initially considered low-risk, it was addressed in Microsoft's March 2025 Patch Tuesday updates. Following the release of these patches, Check Point observed a rise in exploitation attempts, particularly linked to the Russian group APT28. Attackers sent phishing emails with Dropbox links containing .library-ms files, which, when accessed, connected to an external SMB server controlled by the attackers, allowing interception of NTLM hashes. A subsequent wave of attacks involved .library-ms files sent as direct attachments, requiring minimal user interaction to exploit the vulnerability. The malicious ZIP archive also contained files exploiting older NTLM vulnerabilities. Check Point identified the attackers' SMB servers with specific IP addresses. Despite being classified as medium-severity, the vulnerability's potential impact is significant, prompting organizations to apply the March 2025 updates and consider disabling NTLM authentication if not essential.

Winsage

April 17, 2025

Windows NTLM hash leak flaw exploited in phishing attacks on governments

A vulnerability in Windows, identified as CVE-2025-24054, is being actively exploited in phishing campaigns targeting government and private sectors. Initially addressed in Microsoft's March 2025 Patch Tuesday, it was not considered actively exploited at that time. Researchers from Check Point reported increased exploitation activities shortly after the patches were released, particularly between March 20 and 25, 2025. Some attacks were linked to the Russian state-sponsored group APT28, but definitive attribution is lacking. The vulnerability allows attackers to capture NTLM hashes through phishing emails containing manipulated .library-ms files that trigger the flaw when interacted with. Check Point noted that subsequent attacks involved .library-ms files sent directly, requiring minimal user interaction to exploit. The malicious files also included additional components that exploit older vulnerabilities related to NTLM hash leaks. The attacker-controlled SMB servers were traced to specific IP addresses. Although rated as medium severity, the potential for authentication bypass and privilege escalation makes it a significant concern, prompting recommendations for organizations to install updates and disable NTLM authentication if not necessary.

Winsage

April 17, 2025

Hackers Exploiting NTLM Spoofing Vulnerability in Wild to Compromise Systems

Cybercriminals are exploiting a vulnerability in Windows systems known as CVE-2025-24054, which involves NTLM hash disclosure through spoofing techniques. This flaw allows attackers to leak NTLM hashes, leading to privilege escalation and lateral movement within networks. It is triggered when a user extracts a ZIP archive containing a malicious .library-ms file, causing Windows Explorer to initiate SMB authentication requests that expose NTLMv2-SSP hashes. Exploitation of this vulnerability began shortly after a security patch was released on March 11, 2025, with campaigns targeting government and private institutions in Poland and Romania. These campaigns utilized spear-phishing emails containing malicious ZIP archives, which, when interacted with, leaked NTLM hashes. The malicious files included various types designed to initiate SMB connections to attacker-controlled servers, allowing for pass-the-hash attacks and privilege escalation. The stolen hashes were sent to servers in several countries, indicating potential links to state-sponsored groups. One campaign involved Dropbox links that exploited the vulnerability upon user interaction. Microsoft has recommended immediate patching, enhancing network defenses, user education, network segmentation, and regular security audits to mitigate risks associated with this vulnerability.

Winsage

April 17, 2025

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

CVE-2025-24054 is a vulnerability that allows attackers to capture NTLMv2-SSP hashes from a victim's machine during authentication requests to an attacker-controlled SMB server. Active exploitation of this vulnerability has been observed since March 19, 2025, targeting government and private sectors in Poland and Romania. The attacks involve phishing emails that lead victims to download an archive file containing exploits designed to leak NTLMv2-SSP hashes. Microsoft has released patches for this vulnerability, but users on older, unsupported versions may need to consider micropatching.

AppWizard

April 16, 2025

Google Wallet brings real-time train status alerts to Android, and teases I/O 2025

Google Wallet has introduced real-time train status alerts for users in India and Canada, allowing them to receive notifications about their train's status, such as "On Time" or "Delayed." Additionally, parents and guardians in select countries can now permit their children to add event tickets and generic passes to their Wallet accounts, with the rollout starting in the U.S., U.K., Australia, Spain, and Poland. Google will host its I/O 2025 event on May 20 at 10 am PT, where updates for Wallet and Pay will be discussed, along with developments related to Android 16, Android XR, and Wear OS 6. Android 16 will feature Live Updates and has reached Platform Stability, allowing developers to refine applications. The Android 16 Beta includes Auracast support for hearing aids to enhance accessibility.

AppWizard

March 19, 2025

Kids with Android phones can now tap and pay with Google Wallet

Google Wallet is introducing tap-to-pay for children on Android, allowing them to make in-store purchases. This feature will be available in the U.S., U.K., Australia, Spain, and Poland in the coming weeks. Parental approval is required for kids to add a card, and parents can monitor spending or remove the card at any time. Children can unlock the app using a fingerprint, face scan, PIN, or passcode, and the app can also store gift cards and event tickets. The feature is limited to in-store transactions and does not allow online shopping.