scanning Archives

AppWizard

May 4, 2026

Hacker tracks Australian police using Android app

Australian police officers can potentially be tracked through publicly available Bluetooth applications due to a design flaw in tasers and body-worn cameras manufactured by Axon. A hacker demonstrated this vulnerability by using Android apps to detect nearby Bluetooth devices, revealing the location of police equipment, including model and serial numbers. The flaw arises from the failure to implement MAC address randomization, which could enhance security. The hacker developed software capable of tracking devices from over 400 meters away, raising concerns about the potential for criminal activities targeting police. Despite warnings to various police agencies, responses indicated confidence in existing security measures, although similar risks have been noted in the US, leading to the cessation of Axon body camera use by US Border Patrol agents. The vulnerability is considered a hardware-level issue, requiring significant redesign efforts from Axon to address it.

AppWizard

May 2, 2026

Google Clock’s alarm failed me so I found 5 better apps to wake me up

Google Clock may not effectively wake heavy sleepers. Alternatives include: - Chrono: An open-source alarm app with customizable alarms and a Tasks section that requires users to complete challenges before dismissing the alarm. - Sleep As Android: A comprehensive sleep health app that tracks sleep patterns and offers wake-up tasks (CAPTCHAs) and a Smart Wake Up feature for a gentler waking experience. - NFC Alarm Clock: A lightweight app that allows users to disable alarms using NFC tags placed around the home, promoting physical activity to get out of bed. - Alarmy: An app designed for heavy sleepers, featuring various wake-up tasks, including physical challenges and notifications, to ensure users wake up. - Sun Alarm: An app that allows users to set alarms for astronomical events like sunrise, suitable for photographers and weekend mornings.

AppWizard

April 30, 2026

Minecraft Players Targeted by LofyStealer Using Node.js Loader and In-Memory Browser Injection

A new infostealer malware called LofyStealer is targeting the gaming community, particularly Minecraft players, by disguising itself as a cheat tool named “Slinky.” It employs a two-stage attack to extract sensitive information from eight major web browsers, including Chrome and Firefox, while evading detection by security software. The malware siphons off cookies, saved passwords, payment card information, and session tokens. Researchers at Zenox.ai identified LofyStealer, linking it to the Brazilian cybercrime group LofyGang, which has been active since October 2022. The malware uses social engineering tactics to appear legitimate and operates as a Malware-as-a-Service platform, offering both Free and Premium tiers to buyers. Its technical sophistication is evident in its method of in-memory browser injection, which allows it to bypass security defenses. The stolen data is compressed and sent to a command-and-control server. Users are advised to avoid downloading unofficial game mods and enable multi-factor authentication to reduce the risk of credential theft. Security teams should monitor for specific behavioral indicators related to the malware's operations.

AppWizard

April 30, 2026

Sharing Files From Your Android Phone Just Got Easier With This Free App

Nothing Warp is an app that enables seamless file transfers between any Android device and a computer, compatible with any Android smartphone and computers with a Chromium-based browser. It connects an Android device to a browser extension on a computer using the internet for file sharing. Users can transfer files by tapping the share button on their device and selecting Nothing Warp, or by clicking the Upload button in the browser extension to send files from the computer to the Android device. Currently in Beta testing, Nothing Warp requires a Google account for operation and does not store files, ensuring privacy. Users must install both the mobile app and the browser extension, sign in with the same Google account, and grant necessary permissions for Google Drive access to use the service.

AppWizard

April 29, 2026

Your Android Camera Can Do More Than Just Take Photos And Videos

Android devices are enhanced by powerful apps that improve photography and introduce advanced features. The Android camera is versatile, serving various roles beyond image capture. The Instant Heart Rate app allows users to measure their heart rate using the camera by placing a finger over the lens for ten seconds, providing heart rate data and a PPG graph. Accessibility apps like Microsoft Seeing AI and Google Lookout assist vision-impaired users by identifying objects and reading text. The Yuka app scans barcodes of food and cosmetic products to provide health scores and suggest healthier alternatives. Google Maps features Lens in Maps, which offers real-time navigation using the camera. Skin analysis tools like MySkin by Cetaphil and Neutrogena Skin360 allow users to assess their skin health through the camera.

AppWizard

April 25, 2026

NoVoice malware hit 2.3 million Android devices through apps Google never should have approved

McAfee researchers discovered a complex Android rootkit campaign, dubbed Operation NoVoice, that infiltrated 50 applications on Google Play, exploiting vulnerabilities in the kernel that had been patched but not uninstalled. The malware was resilient enough to survive factory resets and was concealed within seemingly benign apps, which collectively garnered 2.3 million downloads. The malicious payload was hidden in the com.facebook.utils package and used steganography to embed an encrypted payload within a PNG image. The malware conducted multiple checks to avoid detection and established contact with a command-and-control server, polling for exploit packages every 60 seconds. It utilized 22 distinct exploits, including vulnerabilities that had received patches between 2016 and 2021. The malware disabled SELinux enforcement and installed a persistent rootkit that could survive factory resets. Google confirmed the removal of the infected apps but noted that users who had already downloaded them remained at risk, especially if their devices were running unpatched Android versions. McAfee advised affected users to treat their devices as compromised and consider professional inspection or hardware-level storage wiping for remediation.

Winsage

April 24, 2026

Microsoft to roll out Entra passkeys on Windows in late April

Microsoft will introduce passkey support for phishing-resistant passwordless authentication on Microsoft Entra-protected resources starting in late April, with broader availability expected by mid-June 2026. This feature will allow passwordless sign-in on unmanaged Windows devices and will support various device types, including corporate, personal, and shared options. Administrators can manage passkeys through Conditional Access and Authentication Methods policies. Users can create device-bound passkeys stored securely within the Windows Hello container, using methods like facial recognition, fingerprint scanning, or a PIN. The passkeys will adhere to FIDO2 standards and will be securely bound to individual devices, preventing transmission over the network to enhance security against phishing and malware attacks. Microsoft has also announced plans for mandatory multifactor authentication registration for Entra tenants by October 2024 and that all new accounts will be passwordless by default starting in May 2025.

Tech Optimizer

April 24, 2026

Fileless Malware and Email Authentication Gaps

Fileless malware operates stealthily within networks, utilizing legitimate system tools like PowerShell and Windows Management Instrumentation (WMI) to execute malicious code in memory without leaving traces on disk. Traditional antivirus solutions struggle to detect these threats due to their reliance on file signatures. The primary vector for fileless malware is email, where attackers use spoofed messages to trick users into activating malicious scripts. Misconfigurations in Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) records create vulnerabilities that attackers exploit to deliver spoofed emails. Traditional endpoint protection mechanisms are inadequate against fileless attacks, necessitating a shift towards behavioral analysis for detection. Organizations must assess their preparedness by ensuring proper email authentication configurations and enhancing endpoint security capabilities. Integration among security teams and updated employee security awareness programs are also essential. Sendmarc helps organizations mitigate vulnerabilities by providing visibility into SPF, DKIM, and DMARC configurations and enforcing DMARC to block unauthenticated messages.

Tech Optimizer

April 24, 2026

Microsoft Says You Don’t Need A Third-Party Antivirus App Anymore

Microsoft Defender Antivirus effectively addresses everyday security risks for many Windows 11 users without the need for additional software. It is active by default, integrated into the OS, and continuously updated. Windows 11 includes various security features, such as Microsoft Defender SmartScreen, Smart App Control, and Controlled Folder Access, which protect against unsafe links, untrusted applications, and unauthorized data modifications. Microsoft Defender scans files upon access and monitors system processes for threats, utilizing cloud capabilities to address emerging risks. While many users find Microsoft Defender adequate, experts note it may not meet everyone's needs, particularly in enterprise environments. Reviews have pointed out shortcomings, such as low phishing detection and inadequate ransomware protection, with a protection accuracy rating of 93 percent compared to some paid alternatives that achieved 100 percent.

Tech Optimizer

April 24, 2026

Is Microsoft defender enough to protect Windows?

The operating system on devices manages background tasks, with security being a key focus. Microsoft has improved Microsoft Defender, its pre-installed antivirus software, and now recommends it as a viable protection option for users. Microsoft Defender Antivirus is effective against everyday security risks for many Windows 11 users without needing additional software. It is deeply integrated into the operating system, continuously updated, and works alongside other security features to protect against hacking techniques, unsafe links, and untrusted applications. Microsoft Defender SmartScreen alerts users to suspicious content, while Smart App Control and Controlled Folder Access provide additional protections. Microsoft emphasizes the need to enable security features and keep devices updated. While many users find Defender adequate, experts note it has limitations, particularly in phishing detection and ransomware protection, with a protection accuracy rating of 93 percent, which is lower than some paid alternatives. For users handling sensitive tasks, a third-party antivirus solution is recommended for better protection.