protections Archives

Winsage

May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.

Tech Optimizer

May 23, 2026

CVE-2026-9082: Critical Drupal Core SQLi Flaw

Drupal has issued critical security updates for a vulnerability in Drupal Core, identified as CVE-2026-9082, which affects sites using PostgreSQL databases. This flaw allows anonymous attackers to exploit the system through arbitrary SQL injection, posing risks such as sensitive information disclosure, privilege escalation, and remote code execution. The vulnerability is rated 20 out of 25 by Drupal and 6.5 out of 10 by CVE.org. It specifically impacts the database abstraction API, which fails to properly sanitize queries. The fixed versions include 11.3.10, 11.2.12, 11.1.10, 10.6.9, 10.5.10, and 10.4.10, with best-effort patches available for unsupported versions 9.5 and 8.9. Organizations are advised to inventory their Drupal installations, verify PostgreSQL usage, and prioritize patching for public-facing sites.

Winsage

May 21, 2026

Microsoft Defender Zero-Day Vulnerabilities RedSun and UnDefend Actively Exploited on Windows 10, 11, and Server (April 2026 CVE Analysis)

In April 2026, two zero-day vulnerabilities, RedSun and UnDefend, were discovered in Microsoft Defender, affecting Windows 10, Windows 11, and Windows Server platforms. These vulnerabilities allow attackers to escalate privileges to SYSTEM and bypass Defender’s protections. RedSun exploits a flaw in Defender's remediation process, enabling low-privileged users to overwrite critical system files. UnDefend allows attackers to disrupt Defender’s updates, keeping it outdated and ineffective. Both vulnerabilities are actively being exploited, with attackers leveraging them to gain persistent access and deploy ransomware. The primary targets are organizations using Windows systems with Defender enabled, particularly in sectors like finance, healthcare, and government. Mitigation strategies include applying updates for related vulnerabilities, monitoring for suspicious activities, and implementing additional security measures.

Tech Optimizer

May 21, 2026

‘Only pay for what you truly need’: Avast unveils revolutionary new antivirus platform – industry leading device protection & scam detection, with optional no-log VPN, data breach monitoring, and device cleanup

Avast has launched a new free modular platform called Avast One, which offers free antivirus and scam protection, allowing users to pay only for the features they choose to use. The platform includes a free tier with antivirus protection, scam protection, and web security, and users can add optional modules such as AI agent protection, a no-log VPN, data breach monitoring, and device cleanup. Avast One features a unified dashboard for easy management of security options, and it includes free services like a cleanup tool and BreachGuard for personal information protection. Premium features can be added for enhanced security, including scanning for suspicious emails and banking protection, as well as a VPN with a 60-day free trial.

Tech Optimizer

May 21, 2026

What the Tech? Antivirus protection for your smartphone

Most users do not require an antivirus app on their smartphones, as the predominant threats are scams such as phishing texts and fraudulent websites rather than traditional viruses. iPhones operate on a design that isolates apps, limiting the effectiveness of antivirus software, while Android devices allow sideloading, which can increase the risk of malware. The real danger lies in deception tactics used by cybercriminals, making personal account security more important than antivirus software. To enhance security, users should keep their operating systems updated, use strong passwords, enable two-factor authentication, avoid suspicious links, and refrain from installing apps from unknown sources. Antivirus apps may be beneficial for users who frequently click on unverified links, download files from unfamiliar sites, or engage in Android sideloading. Reputable security apps focus on scam detection and web protection rather than traditional virus scanning.

TrendTechie

May 21, 2026

007 First Light рискует оказаться на торрентах до официального релиза

The game 007 First Light is set to launch on May 27, but there are concerns about it being leaked onto torrent sites before its release. Players who pre-order the game can start playing 24 hours earlier than the general public, increasing the risk of piracy. Recent trends show an increase in fully functional pirated versions of major games appearing before their official launches, including titles like Pragmata and Death Stranding 2. There is no confirmed information about the use of the anti-piracy system Denuvo on Steam, and even with such protections, hackers have been able to bypass them. Factors contributing to early availability of game builds to hackers include failures in pre-loading systems and actions by reviewers. Even if a game avoids leaks initially, it is likely to be pirated eventually.

Tech Optimizer

May 20, 2026

PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability

A proof-of-concept exploit has been developed for CVE-2026-2005, a remote code execution vulnerability in the pgcrypto extension of PostgreSQL. This vulnerability, stemming from legacy code, allows attackers to trigger a heap-based buffer overflow through specially crafted PGP messages, enabling arbitrary memory read and write operations. Successful exploitation can escalate privileges to PostgreSQL superuser status and execute commands on the operating system. The exploit targets PostgreSQL instances compiled from a specific vulnerable commit and circumvents protections like Address Space Layout Randomization (ASLR). It involves corrupting heap memory structures, leading to a controlled pointer leak that reveals the heap layout. Security researcher Varik Matevosyan has published the PoC on GitHub, demonstrating the exploitation process. The exploit requires a compatible PostgreSQL binary and utilizes Python-based tools for interaction. Organizations are advised to review their PostgreSQL deployments, disable unnecessary extensions, and apply security updates to mitigate risks.

AppWizard

May 20, 2026

Google thinks Gemini 3.5 Flash can finally make AI agents more useful

Google has rolled out its AI model, Gemini 3.5 Flash, across various platforms, claiming it outperforms its predecessor, Gemini 3.1 Pro, in key benchmarks. Gemini 3.5 Flash generates responses four times faster than competing AI systems and is designed for complex workflows and coding tasks. Google plans to introduce Gemini 3.1 Pro next month, which excels in decision-making and coding tests. The model is particularly effective for "long-horizon" tasks, aiding app development and document preparation. Google Antigravity, an agentic development platform, integrates with Gemini 3.5 Flash to manage large workloads. The company also introduced Gemini Spark, a personal AI agent for managing digital tasks, with a beta rollout for select testers. Gemini 3.5 was developed under the Frontier Safety Framework, incorporating enhanced safety measures and interpretability tools.

Tech Optimizer

May 19, 2026

Avast Free Antivirus for US users: core features explained

Avast Free Antivirus is a free security application that provides essential malware protection and additional tools for Windows, macOS, Android, and iOS. It blocks malware and suspicious websites using real-time scanning and integrates with the operating system's security center on Windows. Key features include file shield scanning, web and mail shields, and ransomware-related shields on select platforms. It is available for free download in the US and is popular among home users, families, students, and individual professionals. Avast competes with other antivirus vendors like McAfee and Bitdefender and is often reviewed positively by tech outlets. While it offers core protections, advanced features require paid subscriptions. Users can conduct various types of scans and utilize browser extensions to assess site safety. The software is designed to coexist with Windows built-in security features, but experts advise using additional security measures for online banking and shopping.

Tech Optimizer

May 19, 2026

Norton 360 review: what the security suite adds for US users

Norton 360 is a subscription-based consumer security software suite developed by Norton, a division of Gen Digital, designed for everyday home devices. It includes antivirus protection, VPN capabilities, and privacy tools, catering primarily to the US consumer market. The suite offers features such as malware scanning, spyware detection, and Card Shield for managing payment data. It provides cloud storage and multi-device coverage, making it suitable for personal devices like phones, tablets, and computers. Norton 360 aims to meet the evolving cybersecurity needs of consumers by integrating various protective measures into one cohesive package. It is available through Norton channels and app stores, appealing to a broad global consumer base.