NewApp Digest
search bot

robust security

Over 1,500 PostgreSQL Servers Hit by Fileless Malware Attack
Tech Optimizer
April 2, 2025

Over 1,500 PostgreSQL Servers Hit by Fileless Malware Attack

A malware campaign has compromised over 1,500 PostgreSQL servers using fileless techniques to deploy cryptomining payloads. The attack, linked to the threat actor group JINX-0126, exploits publicly exposed PostgreSQL instances with weak or default credentials. The attackers utilize advanced evasion tactics, including unique hashes for binaries and fileless execution of the miner payload, making detection difficult. They exploit PostgreSQL’s COPY ... FROM PROGRAM function to execute malicious payloads and perform system discovery commands. The malware includes a binary named “postmaster,” which mimics legitimate processes, and a secondary binary named “cpu_hu” for cryptomining operations. Nearly 90% of cloud environments host PostgreSQL databases, with about one-third being publicly exposed, providing easy entry points for attackers. Each wallet associated with the campaign had around 550 active mining workers, indicating the extensive scale of the attack. Organizations are advised to implement strong security configurations to protect their PostgreSQL instances.
This Antivirus Software Is So Strong That It Will Humiliate The Bad Guys Of The Cyber World (50% Off)
Tech Optimizer
April 1, 2025

This Antivirus Software Is So Strong That It Will Humiliate The Bad Guys Of The Cyber World (50% Off)

Bitdefender offers comprehensive protection against current and emerging online threats with a lightweight design that maintains device performance. It is currently providing a 50% discount on its multi-device bundles, including the Total Security bundle, which covers up to five devices across various platforms for an introductory price. The Internet Security and Antivirus Plus bundles are also available at discounted rates for Windows PCs. All bundles include features like File Shredder, Social Network Protection, and safe online banking through Safepay. Bitdefender utilizes advanced AI technology to predict and neutralize threats while optimizing device performance.
Avoid Downloading Apps From Untrusted Sources, Google Warns Android Users
AppWizard
March 31, 2025

Avoid Downloading Apps From Untrusted Sources, Google Warns Android Users

Google warns Android users about the risks of downloading apps from sources outside the Google Play Store, noting that such apps are 50 times more likely to contain malware. In 2023, Google removed around 2.3 million suspicious apps from the Play Store and banned over 300 apps that circumvented Android's security measures, which had over 60 million downloads and were involved in deceptive advertising and phishing schemes. Google is enhancing its Play Protect Live Threat Detection system to combat fake and dangerous apps. Recommendations for protecting phones include downloading apps only from the Google Play Store, checking reviews and ratings, installing security updates, and avoiding unknown links.
10 Facts you probably didn't know about Windows as Microsoft turns 50
Winsage
March 31, 2025

10 Facts you probably didn’t know about Windows as Microsoft turns 50

- Windows was originally named "Interface Manager" before being changed to "Windows" prior to its launch in 1985. - Early versions of Windows (1.0, 2.0, and 3.x) operated on top of MS-DOS and required users to boot into MS-DOS before launching the graphical interface. - The Briefcase folder was an early tool for synchronizing files between computers, which became obsolete with the rise of cloud storage solutions. - Prior to Windows XP, user profiles were basic and lacked robust security; full user accounts were implemented with Windows NT. - Several applications from Windows 1.0, including Calculator, Paint, Notepad, Clock, and Control Panel, are still present in Windows 11 in modernized forms. - The "Format" dialog in File Explorer has used the same code for over 30 years, although updates for FAT32 support are being developed. - TrueType fonts were introduced in Windows 3.1 in 1992 through a licensing agreement with Apple, improving font rendering quality. - The "Ctrl + Alt + Delete" shortcut was created by IBM engineer David Bradley as a debugging tool and later adopted by Microsoft for secure attention sequences in Windows NT. - Windows 1.0 required a minimum of 256KB of RAM at its launch in 1985, while Windows 11 requires at least 4GB.
Ahead of Signal leak, Pentagon warned of app's weaknesses
AppWizard
March 28, 2025

Ahead of Signal leak, Pentagon warned of app’s weaknesses

The Pentagon has issued a warning about the security of the messaging application Signal, advising against its use for any communications, including unclassified ones, due to concerns over hacking vulnerabilities following a significant leak. This advisory reflects an increased awareness of cybersecurity threats and the need for robust security measures in communications, prompting individuals and organizations to reconsider their reliance on Signal and explore alternatives.
Do Macs need antivirus? Debunking the security myth
Tech Optimizer
March 27, 2025

Do Macs need antivirus? Debunking the security myth

Many users believe that Macs are immune to cybersecurity threats, leading them to neglect protective measures. This perception originated from Apple's marketing and the historical lower targeting of Macs due to their smaller market share. However, as the popularity of Macs has increased, so has the development of malware aimed at macOS. Reports indicate that malware targeting Macs has now outpaced that targeting Windows on a per-device basis. While macOS includes strong security features like XProtect, Gatekeeper, and System Integrity Protection, these are not foolproof. XProtect only defends against known malware, leaving users vulnerable to new threats. Macs are susceptible to various types of malware, including adware, Trojans, and phishing attacks. Antivirus software is important for Macs as it protects against evolving malware, shields users from phishing and online scams, enhances privacy protection, and prevents cross-platform threats.
Trump administration used Signal app to discuss Houthi attack plans
AppWizard
March 26, 2025

Trump administration used Signal app to discuss Houthi attack plans

A journalist accessed classified U.S. military details regarding plans to engage with Houthi forces due to a security lapse in the Signal messaging application. The breach occurred when a user mistakenly shared confidential military documents through the app, emphasizing the risks of human error in secure communications. Signal is an encrypted messaging platform known for its user privacy and security, utilizing end-to-end encryption.
What is Signal messaging app? Can Bucks County, PA agencies use it
AppWizard
March 26, 2025

What is Signal messaging app? Can Bucks County, PA agencies use it

Signal is an encrypted messaging application owned by the nonprofit Signal Foundation, known for its end-to-end encryption. The app has drawn attention in a controversy in Bucks County, Pennsylvania, involving allegations that school board members used Signal to communicate after being instructed to retain records related to a Sunshine Act lawsuit. This has raised concerns about the potential destruction of evidence, as Signal's auto-delete feature may violate federal record retention laws. Additionally, during the Trump administration, Mike Waltz inadvertently included a journalist in a Signal chat discussing a military strike, raising questions about the appropriateness of using commercial messaging for sensitive government communications. The use of auto-deleting messages has sparked debate regarding public accountability and compliance with the Presidential Records Act, as many records must be retained for a minimum of two years.
Search