proxy Archives

Tech Optimizer

March 24, 2026

Gold Lapel launches PostgreSQL proxy to tune queries

Gold Lapel has introduced a PostgreSQL proxy that enhances database query performance by acting as an intermediary between applications and PostgreSQL databases. The proxy monitors live queries, identifies issues, and implements optimizations such as creating materialised views, introducing various index types, and rewriting queries. It supports over ten optimization strategies, seven programming languages, four frameworks, and three ORMs, and is available for Linux, macOS, Windows, and Docker. The software includes features like prepared statement caching, in-memory result caching, connection pooling, automatic read replica routing, and security measures including TLS. An observability layer provides a live web dashboard and audit timeline. The pricing model is USD 9 per month per instance, with a site license available for unlimited instances. Gold Lapel has also released a 19-chapter technical book on PostgreSQL performance optimization. The company was founded by Stephen Gibson and is based in San Francisco.

Winsage

March 18, 2026

Microsoft appears to be dumping native Copilot for Windows 11 in favour of web wrapper yet again

The latest update for Copilot has transformed it into a WebView-based application, marking it as a hybrid app rather than fully native. The new Copilot (version 146.0.3856.63) operates as a web application, evidenced by multiple sub-processes in the Task Manager that are characteristic of Microsoft Edge. The version number of Copilot aligns closely with that of Microsoft Edge. The revamped Copilot functions as a web app within a desktop shell but loads content from copilot.microsoft.com. Despite its web-based nature, it performs comparably to its native predecessor and launches more quickly. Microsoft had previously announced a "native" version of Copilot, which was misleading as it still relied on web components. In 2025, Microsoft began distributing a truly native Copilot app, free of web components, which started in March 2025. However, the Copilot has now reverted to a web-based format for users in the Windows Insider Program, with plans to extend this change to non-Insiders soon.

AppWizard

March 11, 2026

New BeatBanker Android malware poses as Starlink app to hijack devices

A newly identified Android malware called BeatBanker disguises itself as a Starlink application on fake Google Play Store websites. It functions as a banking trojan and includes Monero mining capabilities, allowing it to steal credentials and manipulate cryptocurrency transactions. Researchers at Kaspersky traced BeatBanker to campaigns targeting users in Brazil. The latest version uses the BTMOB RAT for remote access, enabling keylogging, screen recording, camera access, GPS tracking, and credential capture. BeatBanker is distributed as an APK file that decrypts and loads hidden code into memory, conducting environment checks before activation. It presents a fake Play Store update screen to trick users into granting permissions for additional payloads. To avoid detection, it delays malicious operations and plays a nearly inaudible MP3 file to maintain persistent activity. The malware uses a modified version of the XMRig miner to mine Monero on Android devices, connecting to mining pools through encrypted TLS connections. It can start or stop mining based on device conditions and uses Firebase Cloud Messaging to relay device information to its command-and-control server. Currently, BeatBanker infections have only been observed in Brazil, but there are concerns about its potential spread. Users are advised to avoid side-loading APKs from untrusted sources and to review app permissions regularly.

AppWizard

March 11, 2026

How Advanced Browsing Protection Works in Messenger

Advanced Browsing Protection (ABP) in Messenger enhances user privacy by warning users about potentially harmful links shared in end-to-end encrypted communications. It analyzes links using on-device models and a dynamic watchlist of millions of potentially malicious sites, utilizing cryptographic techniques to maintain user privacy. ABP is based on a cryptographic primitive called private information retrieval (PIR), which minimizes the information a server learns from client queries. The system also employs oblivious pseudorandom functions (OPRFs) and manages URL queries through a privacy-preserving URL-matching scheme. The server groups links by domain, allowing clients to request a single bucket for domain-specific path components, and generates a ruleset to balance bucket sizes. To safeguard client queries, AMD's SEV-SNP technology creates a confidential virtual machine (CVM) that processes hash prefixes securely, generating attestation reports for integrity verification. The use of Oblivious RAM and Oblivious HTTP (OHTTP) enhances privacy by preventing exposure of memory access patterns and stripping identifying information from client requests. The lifecycle of an ABP request includes pre-processing phases where the server updates the URL database and computes rulesets, followed by client requests that involve calculating bucket identifiers, sending encrypted requests through a proxy, and checking for unsafe URLs based on server responses.

Tech Optimizer

March 1, 2026

Surfshark is one of the few VPNs to offer a real antivirus solution

Users are increasingly focused on the effectiveness of their security software alongside the number of streaming services they use. Leading VPN providers are responding by offering comprehensive packages that combine VPN capabilities with antivirus features. Surfshark has introduced Surfshark One, which integrates its VPN service with proprietary antivirus software. This solution is designed to provide a comprehensive cybersecurity experience within a single application. To access the antivirus feature, users must subscribe to the Surfshark One plan, which offers quick and full scans, customizable scanning options, and scheduled scans. Detected threats are quarantined and deleted after 60 days. The antivirus includes Cloud Protect for continuous defense against malware, updating its database every three hours, and provides 24/7 malware protection. Surfshark One also includes additional tools such as Alternative ID for safeguarding user information, Surfshark Alert for notifications about compromised sensitive information, and Surfshark Search for ad-free browsing. Surfshark's VPN offers access to over 4,500 servers and supports unlimited devices. Surfshark One differs from other VPN packages by providing essential tools for post-compromise care and customizable security settings. Competitors like ExpressVPN and NordVPN offer tiered pricing structures with advanced security features in higher-tier plans. To acquire Surfshark One, users can visit the Surfshark website and choose from various subscription plans. The cost difference between the Surfshark Starter plan and Surfshark One is minimal, with Surfshark One starting at .49 per month. Surfshark One+ includes additional features like personal data removal and identity theft coverage. Only a few providers currently offer both VPN and antivirus capabilities, including Surfshark, Private Internet Access, and CyberGhost.

Winsage

February 20, 2026

Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets

Attackers are using social media advertising, specifically paid Facebook ads, to promote a malware campaign disguised as legitimate Microsoft promotions. They create near-exact replicas of the official Windows 11 download page to lure users into downloading malicious software. The deceptive domains used include ms-25h2-download[.]pro and ms-25h2-update[.]pro. The malware campaign employs geofencing to selectively target victims, redirecting security researchers to benign sites while delivering malware to unsuspecting users. The malicious file, named ms-update32.exe, is hosted on GitHub and mimics the size of a legitimate Windows installer. Once executed, it checks for monitoring tools and, if none are detected, installs an application named "Lunar" that collects sensitive data, including cryptocurrency wallet information. The malware maintains persistence by writing data to the Windows registry and employs various obfuscation techniques to evade detection. The attackers run parallel ad campaigns with different Facebook Pixel IDs to ensure continued operation even if one is suspended. Indicators of compromise include specific file hashes, domains, file system artifacts, and registry keys associated with the malware.

Tech Optimizer

February 19, 2026

How to Install McAfee Antivirus on Windows 11 or 10

Installing third-party antivirus software like McAfee on Windows 11 can be challenging due to the built-in Windows Security, which can complicate the installation process. Users may face issues such as silent failures from conflicting software, permission problems on restricted machines, or restrictions due to S Mode on new laptops. Windows 11 includes Windows Security, which is effective for malware protection, but McAfee may be necessary for compliance, additional features, or centralized protection for multiple devices. McAfee supports Windows 11 Home, Pro, and Education editions but not Enterprise. The minimum hardware requirements include a processor of 1 GHz or faster, at least 2 GB of RAM (4 GB recommended), 1.3 GB of free disk space, an internet connection for download and updates, and a display resolution of at least 1024×768. McAfee requires a persistent internet connection for activation and updates. Before installing McAfee, users should check if their device is in S Mode, as McAfee cannot be installed in this mode. They must remove any existing antivirus software completely, as leftover files can interfere with the installation. Users should also ensure that Windows 11 is up to date and verify that there is enough disk space available. To download McAfee, users should go directly to the McAfee trial page to avoid scams. After downloading, they need to run the installer and restart their computer after installation. Users should then activate McAfee, run a manual update, and conduct a full system scan. Common installation problems include freezes during download, errors due to S Mode, and issues with Windows Security not recognizing McAfee as the active antivirus. Users can verify that McAfee is functioning correctly by checking the system tray icon, Windows Security settings, and the McAfee dashboard. To uninstall McAfee, users should go to Settings > Apps > Installed Apps, select McAfee, and follow the prompts to remove it. After uninstallation, Windows Security will reactivate automatically. McAfee offers several plans for Windows users, including Basic, Essential, Premium, and Advanced, each with different features and device limits. The Basic plan is suitable for single-device users without additional needs, while families may benefit from the Essential or Premium plans.

AppWizard

January 31, 2026

Google takes down an invisible network that was secretly using your phone’s internet

Google has dismantled the IPIDEA residential proxy network, which had exploited millions of devices for cybercrime. This operation resulted in the liberation of approximately nine million Android devices and the removal of hundreds of compromised applications. IPIDEA's infrastructure was integrated into various software development kits (SDKs), allowing it to covertly enlist devices into its proxy pool. Google updated its Play Protect system to identify and eliminate affected applications and collaborated with partners to disrupt the network's underlying systems. The efforts led to a significant decrease in hijacked devices available for exploitation.

Tech Optimizer

January 26, 2026

AlloyDB managed connection pooling

AlloyDB for PostgreSQL is a fully managed database service designed for enterprise workloads, combining PostgreSQL's strengths with Google Cloud technology for enhanced performance, scalability, and availability. A new feature, managed connection pooling, addresses the challenges of inefficient database connection management, which can lead to performance degradation, resource exhaustion, and reliability issues. Managed connection pooling maintains a cache of active database connections, allowing applications to reuse connections instead of creating new ones for each request, thus reducing latency and resource consumption. This feature is tightly integrated into AlloyDB, simplifying operations and optimizing performance and security. It offers two configurable pooling modes: transaction mode, which maximizes reuse for short transactions, and session mode, which maintains a connection for the entire session. Enabling managed connection pooling can increase transactions per minute by up to five times, support over three times more concurrent connections, decrease connection latency, and improve reliability during traffic spikes. UKG, a provider of HR solutions, has adopted this feature to enhance the performance and scalability of their applications. To enable managed connection pooling, users can activate it in the Google Cloud console and connect applications using standard PostgreSQL drivers to the designated port.

Winsage

December 18, 2025

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

A newly identified cyber threat cluster called LongNosedGoblin has been linked to cyber espionage attacks targeting governmental entities in Southeast Asia and Japan, with activities traced back to at least September 2023. The group uses Group Policy to spread malware and employs cloud services like Microsoft OneDrive and Google Drive for command and control. Key tools include NosyHistorian, NosyDoor, NosyStealer, NosyDownloader, and NosyLogger, which perform functions such as collecting browser history, executing commands, and logging keystrokes. ESET first detected LongNosedGoblin's activities in February 2024, identifying malware on a governmental system. The attacks showed a targeted approach, with specific tools affecting select victims. Additionally, a variant of NosyDoor was found targeting an organization in an EU country, indicating a possible connection to other China-aligned threat groups.