processes

Winsage
June 19, 2026
The laptop has evolved into a crucial tool for cybersecurity, serving as a workstation for malware analysis and daily operations. A debate exists between the merits of MacBook Neo and Windows-based models, with Windows offering flexibility and compatibility, while macOS is favored for stability and build quality. Popular penetration testing tools are available on both platforms, but Windows laptops have an advantage due to better integration with x86 environments and specialized drivers. Virtualization is essential in cybersecurity, and Windows laptops with higher RAM provide a better experience for running multiple virtual machines compared to the non-upgradable RAM of the MacBook Neo. Intensive tasks can strain systems, necessitating efficient resource management, especially on the MacBook Neo. Most malware is designed for Windows, making it crucial for analysts to be familiar with Windows-specific tools and features. The MacBook Neo is beneficial for tasks like working with event logs and writing automation scripts, while its battery life and mobility are advantageous for professionals on the go. Security considerations play a significant role in the choice of operating system, with Windows being a common target for attackers, whereas macOS has stricter access controls. Windows laptops offer more price flexibility and upgradeability, while the MacBook Neo focuses on simplicity and build quality but lacks upgrade options. Ultimately, Windows is optimal for tasks involving malware analysis and virtual labs, while the MacBook Neo suits those focused on development and network analysis.
Tech Optimizer
June 18, 2026
Interactions with antivirus software occur during installation and when issues arise, while the software operates quietly in the background. Modern antivirus solutions continuously monitor for threats using various detection methods, including real-time scanning, which actively scrutinizes files as they are downloaded or accessed. The signature database is essential for identifying malware by comparing files against known signatures, but it can only detect documented threats. Heuristic detection and behavioral analysis help catch unknown malware by evaluating suspicious characteristics and monitoring file actions during execution. Sandboxing allows suspicious files to run in a controlled environment, logging their behavior to determine if they are malicious. Quarantine neutralizes threats by locking files in a secure location, allowing users to review them before deletion. Full scans are resource-intensive and can slow down system performance, while real-time scanning is less demanding. Users can schedule scans during idle times, exclude trusted folders, or consider cloud-based solutions to mitigate performance impacts.
Winsage
June 17, 2026
The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.
Winsage
June 16, 2026
Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.
AppWizard
June 16, 2026
In 2017, Respond.io was founded to help businesses adapt to customer shifts towards messaging applications. It is headquartered in Kuala Lumpur and recently raised million in a Series B funding round, following a million Series A round in 2022. The company reported an annual recurring revenue (ARR) of million, a 169% year-over-year increase, with a 30% profit margin. Co-founders include Gerardo Salandra (CEO), Hassan Ahmed (CTO), and Yaroslav Kudritskiy (COO), who initially started the company in Hong Kong before relocating to Malaysia. Respond.io's platform caters to mid- to large-sized B2C enterprises, facilitating customer interactions across various messaging channels and utilizing AI for efficiency. The target market consists of "high-consideration" businesses, with an ideal customer profile of companies having 200 to 10,000 employees. Respond processes 2 billion messages quarterly and has a unique pricing model based on conversation volume rather than per user. The company emphasizes a data flywheel effect that enhances AI capabilities through increased message volume. Plans for growth include hiring, organic expansion, and strategic acquisitions, particularly in Europe and North America, which are projected to become larger revenue segments. Currently, revenue is distributed with 30% from APAC, 30% from Latin America, and 20% from the Middle East and Africa, with the remaining 20% from North America and Western Europe. Salandra expressed a cautious approach to growth and aspirations for a future public offering on Nasdaq.
Winsage
June 16, 2026
Microsoft's Outlook for Windows is facing criticism for its notification handling, particularly in the new Outlook version built on the WebView2 framework. Users experience a delay of approximately 10 seconds when clicking on email notifications, compared to the near-instantaneous access provided by Outlook Classic, which allows users to open new emails in about five seconds. The new Outlook consumes significantly more memory and CPU resources, using between 490 MB and 636 MB of RAM, while Outlook Classic operates within 117 MB to 148 MB. Despite updates aimed at improving the new Outlook, the core issue of notification handling remains unresolved. Microsoft is working on enhancements, but the performance limitations of the WebView2 architecture continue to affect user experience. Outlook Classic will continue to be supported until April 2029.
Winsage
June 15, 2026
On Patch Tuesday in June 2026, Microsoft released a significant update for Windows 11, designated as KB5094126. Key enhancements include:

- Low Latency Profile: Boosts CPU clock speeds temporarily for specific tasks, reducing lag during operations.
- Simultaneous Webcam Access: Allows multiple applications to use the webcam simultaneously.
- Shared Audio: Enables two users to connect headphones to one PC for shared audio enjoyment.
- NPU Usage Monitoring: Task Manager displays Neural Processing Unit usage for individual processes, with new columns for NPU and NPU Engine.
- Enhanced Windows Search: Users can locate files with just two characters instead of three.

The update also introduces new Secure Boot certificates for improved security. After installation, Windows 11 build numbers will show either 26200.8655 (25H2) or 26100.8655 (24H2). Updates are rolled out gradually, so some users may experience delays in accessing features.