scans

Tech Optimizer
May 20, 2025
Procolored, a printer manufacturer based in Shenzhen, has been accused of distributing malware designed to steal Bitcoin through its printer drivers. The malware, embedded in USB drivers, has reportedly stolen approximately 9.3 BTC, valued at over 3,000. A backdoor program in the compromised drivers can hijack wallet addresses copied to the clipboard. Users are advised to conduct system scans and consider a complete system reset. The issue was first highlighted by YouTuber Cameron Coward, whose antivirus software flagged the malware. Procolored denied the allegations but later acknowledged the problem, stating they removed the infected drivers and attributed the malware to a supply chain compromise. Cybersecurity firm G-Data confirmed the presence of two types of malware in the drivers.
AppWizard
May 20, 2025
Android holds a 71.65% market share as the leading mobile operating system. In 2025, users face sophisticated cyber threats such as ransomware and phishing scams. Android Enterprise provides a multi-layered defense system validated by the U.S. Department of Defense, featuring AI-driven threat detection that blocks 99.8% of malware through 100,000 daily app scans. It supports three device management models: Fully Managed Devices (COBO), Work Profiles (BYOD), and Dedicated Kiosk Mode. Recent enhancements include automated security patch deployment and hardware-backed key attestation. Leading Mobile Device Management (MDM) solutions include TinyMDM, which offers real-time location tracking and remote device wiping, and integrates with Microsoft Intune for conditional access. Harmony Mobile combines app reputation scanning with network-level phishing prevention. Emerging trends in enterprise security include AI-powered anomaly detection, with 42% of enterprises adopting Zero Trust principles, and rugged device management optimized for industrial environments. For personal protection, Bitdefender Mobile Security leads AV-Test rankings, Kaspersky Premium blocks 5.6 million malware attacks monthly, and Norton 360 Deluxe includes biometric app locking. Privacy tools like ExpressVPN and DuckDuckGo Privacy Browser enhance user security. Google's Project Zero reports a 35% decline in critical Android vulnerabilities, attributed to improved patch adoption. The convergence of enterprise and personal security solutions is emphasized, with a focus on AI/ML integration for enterprises and comprehensive protection suites for individuals.
AppWizard
May 20, 2025
By 2025, the Android platform faces increasingly sophisticated app-based threats, including ransomware, fake apps, social engineering, and remote access attacks. Cybercriminals exploit Android's open architecture, prompting the need for advanced security measures. Android's security architecture includes: 1. Google Play Protect: Scans applications before installation using real-time machine learning to detect emerging malware and deceptive tactics. 2. Application Sandboxing: Isolates apps to prevent data access between them, utilizing Linux permissions and SELinux policies. 3. App Signing and Code Integrity: Requires cryptographic signatures for apps, complicating the introduction of rogue certificates and runtime modifications. Advanced protections include Runtime Application Self-Protection (RASP) for high-security apps, which monitors behavior in real time, and secure coding practices that encourage regular code reviews, strong authentication, and data encryption. User vigilance is crucial, emphasizing responsible downloading, limiting permissions, keeping software updated, enabling two-factor authentication, and being cautious with public Wi-Fi. Google continuously updates security measures, ensuring older devices receive new protections, while collaboration with the security community aids in identifying and countering emerging threats.
Tech Optimizer
May 19, 2025
Performance issues in PostgreSQL can arise as databases grow, leading to declines in query performance. To identify problematic queries, one can log long-running queries by setting the `log_min_duration_statement` parameter in the `postgresql.conf` file. The `pg_stat_statements` module can be enabled to monitor execution statistics of SQL statements, providing insights into query performance, including execution time and the number of calls. Queries with high standard deviation in execution time may indicate inconsistency, while sorting query statistics by total execution time can reveal excessive load from multiple fast queries. Real-time monitoring can be done using the `pg_stat_activity` view to check active queries and their states, and the `pg_locks` view can help identify blocked processes. The `EXPLAIN` command can analyze query execution plans, and using the `auto_explain` module can log plans for slow queries. Understanding cost parameters in query plans helps in optimizing performance, and different join methods (Nested Loop, Merge Join, Hash Join) have varying complexities and costs. To influence the planner's choice of scanning methods, configuration parameters can be adjusted, such as disabling sequential scanning. Extensions like `sr_plan`, `pg_hint_plan`, and `AQO` can further optimize query execution. Monitoring query progress can be done using dynamic views like `pg_stat_progress_*` for various commands.
Tech Optimizer
May 19, 2025
A researcher known as es3n1n explored Windows security mechanisms to bypass antivirus software validation checks in the Windows Security Center (WSC). He used tools like dnSpy and Process Monitor to analyze how legitimate antivirus solutions register with WSC. He confirmed that WSC validates the signatures of processes calling its APIs. Previously, es3n1n faced controversy when his project, no-defender, was removed from GitHub due to a DMCA takedown request from a software vendor.
Tech Optimizer
May 18, 2025
Windows 11 accounts for nearly 44% of global desktop users as of April 2025, making it a prime target for cybercriminals, with 83% of malware in 2020 aimed at Windows systems. Microsoft Defender, which comes pre-installed with Windows 11, offers commendable malware protection, basic ransomware protection, a SmartScreen feature for anti-phishing, and a firewall that monitors network traffic. While it provides a solid foundation for security, additional third-party antivirus software can enhance protection, offering more comprehensive features such as superior parental controls, integrated VPN services, and identity theft protection.
AppWizard
May 14, 2025
Google has introduced Advanced Protection for Android devices, aimed at enhancing security for users, especially those in public-facing roles. This feature was showcased on May 13, 2025, and will be released with Android 16 in June. Key functionalities include an Offline Device Key, Theft Detection, and Play Protect. Advanced Protection will restrict sideloading applications and downloading from third-party sources. It also blocks downloads from unknown sources during active phone calls and restricts access to banking applications during calls. Users will be unable to share screens with third-party applications while on calls. The initiative is currently being tested in various countries.