scanning

Tech Optimizer
May 19, 2025
Performance issues in PostgreSQL can arise as databases grow, leading to declines in query performance. To identify problematic queries, one can log long-running queries by setting the `log_min_duration_statement` parameter in the `postgresql.conf` file. The `pg_stat_statements` module can be enabled to monitor execution statistics of SQL statements, providing insights into query performance, including execution time and the number of calls. Queries with high standard deviation in execution time may indicate inconsistency, while sorting query statistics by total execution time can reveal excessive load from multiple fast queries. Real-time monitoring can be done using the `pg_stat_activity` view to check active queries and their states, and the `pg_locks` view can help identify blocked processes. The `EXPLAIN` command can analyze query execution plans, and using the `auto_explain` module can log plans for slow queries. Understanding cost parameters in query plans helps in optimizing performance, and different join methods (Nested Loop, Merge Join, Hash Join) have varying complexities and costs. To influence the planner's choice of scanning methods, configuration parameters can be adjusted, such as disabling sequential scanning. Extensions like `sr_plan`, `pg_hint_plan`, and `AQO` can further optimize query execution. Monitoring query progress can be done using dynamic views like `pg_stat_progress_*` for various commands.
Tech Optimizer
May 18, 2025
A new tool called Defendnot, developed by es3n1n, allows users to disable Windows Defender by using an undocumented Windows Security Center (WSC) API to simulate the presence of another antivirus program. This tool is a successor to the no-defender tool, which was taken down due to legal issues. Defendnot does not use third-party antivirus code and aims for a clean implementation. It disables Microsoft Defender upon activation, leaving users vulnerable to malware as it does not provide real-time scanning. Defendnot is designed to run automatically at Windows startup. Microsoft classifies Defendnot as a Trojan, raising concerns about its potential misuse by malicious actors.
Tech Optimizer
May 18, 2025
Windows 11 accounts for nearly 44% of global desktop users as of April 2025, making it a prime target for cybercriminals, with 83% of malware in 2020 aimed at Windows systems. Microsoft Defender, which comes pre-installed with Windows 11, offers commendable malware protection, basic ransomware protection, a SmartScreen feature for anti-phishing, and a firewall that monitors network traffic. While it provides a solid foundation for security, additional third-party antivirus software can enhance protection, offering more comprehensive features such as superior parental controls, integrated VPN services, and identity theft protection.
Tech Optimizer
May 16, 2025
Antivirus software has been a common tool for PC users over the past two decades, with many opting for third-party solutions for enhanced protection despite Windows 11's built-in features. User behavior significantly impacts computer security, emphasizing the importance of avoiding unknown links and not reusing passwords. Antivirus packages are designed to combat threats like ransomware, spyware, and viruses. The evaluation process for antivirus applications involved testing on a Windows 11 PC with simulated virus attacks and scanning the SSD for performance metrics. The top antivirus apps for 2025 include BitDefender Total Security (£49.99), Avira Free (free), Malwarebytes Plus (£49.99), and Sophos Home Premium (£37.46).
Tech Optimizer
May 14, 2025
ESET is recognized as a leading antivirus provider in 2025, known for its robust security solutions that effectively combat rising cyber threats such as phishing, ransomware, and zero-day exploits. The company's offerings include heuristic and behavioral detection, ransomware and phishing protection, exploit blocker technology, and low resource usage, ensuring minimal impact on system performance. ESET provides various products for home users, including ESET HOME Security Essential, Premium, and Ultimate, as well as a Small Business Security package for up to 25 devices and scalable solutions for larger organizations. Pricing for home products starts at .99/year, with multi-device and multi-year discounts available. ESET operates in over 200 countries, utilizing a global network for real-time threat intelligence and maintaining a commitment to effective digital security since its establishment in 1992.
AppWizard
May 14, 2025
Since April 2024, the threat actor Marbled Dust has been exploiting a zero-day vulnerability (CVE-2025-27920) in the Output Messenger chat application, targeting user accounts that have not applied necessary fixes. This exploitation has resulted in the collection of sensitive data from users in Iraq, specifically linked to the Kurdish military. Microsoft has high confidence in this assessment and notes that Marbled Dust conducts reconnaissance to identify potential targets using Output Messenger. Marbled Dust has successfully utilized this vulnerability to deploy malicious files and exfiltrate data. Microsoft notified the application’s developer, Srimax, about the vulnerability, leading to the release of a software update. A second vulnerability (CVE-2025-27921) was also found, but no exploitation of this second flaw has been observed. The zero-day vulnerability allows an authenticated user to upload malicious files to the server's startup directory. Marbled Dust has exploited this flaw to place a backdoor file, OMServerService.vbs, in the startup folder, enabling them to access communications and sensitive data indiscriminately. The attack chain begins with Marbled Dust gaining access to the Output Messenger Server Manager, likely through DNS hijacking or other credential interception techniques. Once inside, they exploit the vulnerability to drop malicious files, including a GoLang backdoor, which connects to a Marbled Dust command-and-control domain for data exfiltration. To mitigate this threat, Microsoft recommends updating to the latest version of Output Messenger, activating various security protections, and implementing rigorous vulnerability management strategies. Microsoft Defender XDR customers can identify potential threat activity through specific alerts related to Marbled Dust and utilize advanced hunting queries for detection. Indicators of compromise include traffic to the domain api.wordinfos[.]com, associated with Marbled Dust activities.
AppWizard
May 13, 2025
Google Play Protect is set to enhance its security features to better defend against malicious applications. The upcoming update will include the ability to detect changes in app icons, alerting users when an app alters its icon, a tactic used by malicious developers. Additionally, Google Play Protect will improve its on-device malware detection capabilities by implementing new rules to identify specific text or binary patterns associated with known malware families. These enhancements aim to provide users with timely alerts before installing potentially harmful applications, significantly reducing the risk of malware. The new icon detection feature will roll out in the coming months, initially available on the Pixel 6 series and select devices from other manufacturers. The on-device rules will be updated regularly to address emerging threats, and the enhanced malware scanning capability will be accessible to all Android users with Google Play Services.