practices Archives

BetaBeacon

December 28, 2024

Top 5 mobile games of 2024: Stephen’s picks of the year

- In 2024, the author's favorite games included Pocket Necromancer, Yolk Heroes: A Long Tamago, Bella Wants Blood, Guncho, A Little to the Left, Pokemon Go, and Vampire Survivors. - The author enjoys opening packs in Pokemon TCG Pocket and playing games that evoke nostalgia. - The author dislikes clutter and enjoys playing games that are perfect for short bursts of play. - The author is looking forward to adding Dredge and Last Spartan: Glory of Madness to their collection in 2025.

Winsage

December 26, 2024

New Sophisticated Attack Weaponizes Windows Defender to Bypass EDR

A new attack technique exploits Windows Defender Application Control (WDAC) to disable Endpoint Detection and Response (EDR) sensors on Windows systems. Attackers with administrative privileges can create and deploy custom WDAC policies that prevent EDR sensors from loading during system boot, leaving networks vulnerable. The attack involves three phases: crafting a malicious WDAC policy, rebooting the machine to enforce the policy, and disabling the EDR upon reboot. A proof-of-concept tool called "Krueger" has been developed for this purpose. Mitigation strategies include enforcing WDAC policies via Group Policy Objects (GPOs), applying the principle of least privilege, and implementing secure administrative practices.

Winsage

December 25, 2024

3 reasons you get more viruses on Windows than on Mac or Linux

The majority of malware is spread through social engineering, targeting users with limited computer security knowledge, particularly among Windows users. Windows has a larger user base, with approximately 1.6 billion devices and over 70% market share, making it a prime target for malware. In contrast, Macs account for about 15% of the market and benefit from robust security protocols, while Linux holds around 5% and its users generally possess higher technical expertise. Windows allows many applications to run with administrator access by default, which can create vulnerabilities, whereas Mac and Linux require explicit permissions for actions, enhancing security. Apple uses digital signatures and sandboxing to protect against malicious software, while Windows' security features are often limited to Pro and Enterprise editions. User behavior and knowledge significantly influence the likelihood of encountering malware, regardless of the operating system used.

Winsage

December 24, 2024

Why I no longer recommend this Windows-like Linux distro

The evaluation of the Wubuntu operating system revealed a positive initial experience, but after a week, a pop-up requesting a product key for PowerTools made the desktop inaccessible without purchase. The developer claimed the user was on the Pro version and provided a license key to resolve the issue, leading to further investigation into Wubuntu's origins. It was discovered that Wubuntu is rumored to be a rebranding of LinuxFX, which has a questionable reputation. Discussions on Reddit highlighted vulnerabilities in Wubuntu's licensing system and potential data breaches. The developer clarified that Wubuntu is an Ubuntu variant with Windows themes, differing from LinuxFX's unique theme and applications. However, links between Wubuntu and the LinuxFX Redsand Theme on Sourceforge raised concerns about its reliability. The situation calls for skepticism due to persistent licensing issues and unclear associations with LinuxFX. Mainstream distributions like Ubuntu, Fedora, and Linux Mint are recommended as trustworthy options, while Zorin OS is suggested for users seeking a Windows-like experience without compromising trustworthiness.

AppWizard

December 24, 2024

Controversial messaging app Telegram is profitable, says its founder. Here’s how it makes money.

Encrypted messaging service Telegram has achieved profitability after 11 years of operation, with revenue surpassing billion in 2024 and cash reserves of 0 million. CEO Pavel Durov attributed this success to advertising and premium subscriptions. The company introduced initiatives like a revenue-sharing model for content creators and a premium subscription tier priced at .99 per month. Telegram has reduced its billion debt and noted a significant turnaround from the previous year, when it reported a loss of million on revenues of million. Despite its financial success, the platform faces global scrutiny over misinformation and limited content moderation, with bans in several countries and a history of being prohibited in Russia from 2018 to 2020.

TrendTechie

December 23, 2024

Дмитрий Стешин: Дополню уважаемого слесаря – именно Крым, должен был стать оплотом компьютерного пиратства, базой для всех торрент-трекеров

Crimea has been discussed as a potential hub for computer piracy, particularly after the imposition of sanctions in 2022, which created opportunities for a resurgence in digital piracy. Experts suggest that lifting sanctions might lead to a decline in piracy as the region could shift towards legitimate digital content distribution. In 2018, Yatsenko, the Minister of Information for the Donetsk People's Republic, proposed creating a digital ecosystem to rival Western offerings, though implementation faced challenges. The ongoing conflict and prioritization of traditional industries over the tech sector may hinder progress in fostering a digital piracy landscape. Historical examples, such as lobbying by Latvian fishing interests in Moscow, raise questions about the potential for IT sector lobbying in Crimea. There is speculation about the possibility of a virtual pirate republic or a unique Russian iteration reflecting local culture and identity.

AppWizard

December 23, 2024

Urgent Android warning for anyone who uses Amazon – delete dangerous app now

McAfee's security team discovered a malicious app named "BMI CalculationVsn" in Amazon's Android Appstore, which pretended to be a health tracker but was capable of screen recording, password theft, and accessing private SMS messages. Following the report, Amazon removed the app from its platform, and users who downloaded it are advised to uninstall it immediately. McAfee recommends that Android users install reliable antivirus software, scrutinize permission requests before downloading apps, and monitor app behavior for unusual activity to enhance their security.

AppWizard

December 23, 2024

Japan to order Google to make these changes on its search app on Android smartphones

Japan's Fair Trade Commission (JFTC) is set to find Google in violation of the nation's competition laws, marking its first order against a major US technology firm. The JFTC plans to issue a cease-and-desist order requiring Google to stop monopolistic practices in the internet search sector, specifically related to agreements with Android smartphone manufacturers that mandate the installation of its search and Chrome browser applications to access app stores. This ruling is part of a broader trend, as Google is also facing scrutiny in other markets, including a recent argument from the US Department of Justice for drastic measures against the company. The JFTC has informed Google of its intended actions and will finalize its decision after considering the company's response. Google has not publicly commented on the situation.

AppWizard

December 23, 2024

2024 was the year gamers really started pushing back on the erosion of game ownership

The landscape of digital game ownership has come under scrutiny as digital distribution increases, leading gamers to question their true ownership of purchased titles. Many high-profile games have disappeared from digital platforms, including Sony's Concord, which was discontinued just 11 days after launch. The Stop Killing Games campaign, initiated by YouTuber Ross Scott, gained traction after Ubisoft shut down The Crew, a decade-old racing game, making it unplayable due to server and licensing issues. The campaign advocates for classifying video games as "goods" rather than "services," arguing that purchased games should not be rendered inoperable. The petition has over 400,000 signatures, aiming for a million by July 2025 to prompt the EU to consider a ban on making multiplayer games unplayable. Steam has updated its disclaimers regarding ownership in response to these issues, influenced by a new Californian law requiring retailers to inform consumers about the revocability of digital games. GOG has positioned itself as a champion of consumer rights, ensuring that purchased games remain with the buyer indefinitely and allowing users to bequeath their game libraries. Industry leaders, including Michael Douse from Larian Studios, have expressed concerns about the implications of losing ownership for developers. While some publishers recognize the value of preserving older titles, others remain less attuned to this importance. The conversation around ownership and preservation is intensifying, highlighting that players do not truly own their games on platforms like Steam, where access can be revoked at any time.

Winsage

December 21, 2024

Windows 11 Vulnerability Lets Attackers Execute Code to Gain Access

Microsoft has addressed a significant security vulnerability in Windows 11 (version 23H2), identified as CVE-2024-30085, which allowed local attackers to gain SYSTEM-level privileges. The flaw was discovered by security researcher Alex Birnberg during the TyphoonPWN 2024 competition, where he demonstrated the vulnerability, earning third place. The issue lies in the Cloud Files Mini Filter Driver (cldflt.sys), which fails to properly validate user-supplied data during the parsing of reparse points, allowing attackers to overwrite memory and execute code with elevated privileges. To exploit this vulnerability, an attacker must first run low-privileged code on the system. Microsoft has released a patch for this vulnerability, and users are advised to update their systems to ensure security.