potential dangers Archives

Winsage

June 20, 2025

Windows 10 is dying as scams skyrocket. We asked a security expert for advice

In this week's episode of The Full Nerd, hosts Adam Patrick Murray, Alaina Yee, Will Smith, and guest Mike Danseglio discuss the end of Windows 10 and its security implications, the rise of scams, and various online security concerns. They explore user transitions to Windows 11, Linux, and vulnerabilities in communication methods. A recent vulnerability allows hackers to steal encryption keys from AMD Ryzen CPUs, prompting firmware updates for users of the Ryzen 3000 series or newer. Asus Armoury Crate users are advised to update due to a critical flaw that could grant hackers administrative rights. Cloud gaming is gaining traction among gamers under 40, provided latency issues are resolved. DDR4 memory prices are rising, indicating a decline of AMD’s AM4 platform. Anker has recalled older power banks due to fire hazards, and Framework has launched a new 2-in-1 DIY laptop. AMD has shared promising benchmarks for its upcoming Ryzen Threadripper 9000 series.

AppWizard

June 15, 2025

Experts urge caution over social media apps in connection to arrest of SC Rep. RJ May

Lexington County State House Representative RJ May has been indicted on multiple federal charges related to child sex abuse material. He faces nearly a dozen charges, and federal prosecutors are seeking his detention before trial. May allegedly used four applications—Kik, Telegram, Mega, and Loki Messenger—to distribute child sexual assault material (CSAM). Investigators noted that all four apps were deleted shortly before a search warrant was executed at his home. Kik allows communication without a registered phone number, while Telegram and Mega are favored for their encryption and foreign ownership. Loki Messenger also offers end-to-end encryption. Rebecca Lorik, executive director of Pathways to Healing, highlighted the dangers of social media platforms and urged parents to engage with their children's online activities, educate themselves about potential risks, and consult experts for guidance.

Tech Optimizer

May 29, 2025

How to turn off antivirus

Antivirus software is crucial for digital security, providing protection against malware threats. Users may need to disable antivirus temporarily for reasons such as system resource consumption, particularly during resource-intensive tasks like gaming, or to bypass false positives when installing applications. Disabling antivirus software poses risks, especially when browsing the internet, as even legitimate sites can be compromised. Precautions to take when disabling antivirus include disconnecting from the internet, avoiding USB drives, using trusted networks, closing non-essential applications, verifying the legitimacy of downloaded files, and limiting browsing to secure websites. Users should promptly re-enable their antivirus after completing necessary tasks.

Winsage

May 15, 2025

Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network

Microsoft's May 2025 Patch Tuesday addressed 72 vulnerabilities in Windows Remote Desktop services, including two critical vulnerabilities, CVE-2025-29966 and CVE-2025-29967, which are heap-based buffer overflow issues. These flaws allow unauthorized attackers to execute arbitrary code over a network, posing significant risks. The vulnerabilities have been rated as "Critical" and classified under CWE-122. They affect various versions of Windows operating systems utilizing Remote Desktop services. Although there have been no reported active exploitations, experts warn of the potential dangers, urging users to apply patches immediately. The update also addressed five actively exploited zero-day vulnerabilities in other Windows components. Patches are available through Windows Update, WSUS, and the Microsoft Update Catalog.

Winsage

May 1, 2025

Windows RDP has a major security problem, and Microsoft has refused to do anything about it

A security flaw in Windows RDP allows previously revoked credentials to remain functional after a password reset, enabling users to access their PCs with old passwords. Microsoft does not classify this issue as a bug, stating it is an intentional design to ensure at least one user account can always log in. This behavior is not flagged by Microsoft Defender, Azure, or Entra ID, and the company's documentation lacks clarity on the matter. Microsoft has been aware of this issue since at least August 2023 but has chosen not to modify the code, citing potential compatibility issues.

AppWizard

April 25, 2025

Minecraft Movie Draws Increased Police Presence

The release of the Minecraft Movie has led to chaotic scenes in theaters, with audiences throwing popcorn and drinks in excitement, particularly at the line “Chicken Jockey!” This disruptive behavior has prompted theaters to remind patrons that such actions can result in ejection and police involvement. Videos on social media show disorderly crowds, and theater employees have expressed frustration over the mess created. A serious incident occurred in Warwick, Rhode Island, where a group of teenage boys violently attacked two adults who asked them to quiet down, resulting in non-life-threatening injuries. The film's popularity has intensified warnings against disruptive behavior, leading theaters to enforce stricter consequences.

Tech Optimizer

April 1, 2025

There are over 1 billion malware programs

There are over 1 billion distinct malware threats in cyberspace. Antivirus software is essential for identifying and eliminating threats, acting as a frontline defense against various malicious entities, including ransomware. A security offer allows protection for up to five devices at an affordable price, enhancing security for households or small businesses.

AppWizard

April 1, 2025

Google’s Play Store Warning—Do Not Update This Setting

A sophisticated trojan named TsarBot is targeting over 750 legitimate banking and shopping applications on Android devices. It overlays a counterfeit login screen on real apps to capture user credentials. TsarBot is believed to have Russian origins and can remotely control the device's screen, simulating user interactions and capturing device lock credentials through a deceptive lock screen. The trojan is typically installed from phishing websites, where a dropper application delivers the TsarBot APK file. Once installed, it disguises itself as the Google Play Services app and urges users to enable Accessibility services. Users are advised to avoid installing apps from outside the Google Play Store, ensure Play Protect is enabled, and only enable Accessibility Services when necessary to mitigate risks.

AppWizard

March 25, 2025

Why does this administration use the Signal messaging app to discuss war plans?

Jeffrey Goldberg, editor-in-chief of The Atlantic, was inadvertently included in a Signal group chat involving senior U.S. government officials discussing military action against Houthi targets in Yemen. This incident raised questions about national security communication protocols, particularly regarding the use of the Signal app for sensitive discussions that should occur on secure government devices. A Pentagon advisory warned against using Signal due to vulnerabilities that could be exploited by foreign hacking groups. Concerns were voiced by figures like Senator Elizabeth Warren about the legality and safety of using such apps for national security matters.

Winsage

February 28, 2025

Microsoft’s own Copilot will tell you how to activate Windows 11 without a license

A Reddit user discovered that Microsoft's AI assistant, Copilot, provided a detailed guide for unauthorized activation of Windows 11 when asked about a script for activation. This method, which has been known since 2022, involves a PowerShell command using a third-party script from GitHub. Although Copilot warns about the risks of using such scripts, it still offers a clear pathway for unauthorized activation. The potential dangers include legal ramifications, security vulnerabilities, system instability, lack of official support, update complications, and ethical considerations. Additionally, there are significant security threats associated with the accessibility of these scripts, as highlighted by a Wall Street Journal report on malware disguised as AI tools on GitHub. Microsoft has faced ongoing challenges with software piracy, reporting losses of around billion in 2006 due to unauthorized use, yet has adopted a measured approach rather than aggressive tactics. Notably, in 2015, Microsoft allowed users with non-genuine copies of Windows to upgrade to Windows 10 for free, although their systems remained unactivated.