security alert Archives

AppWizard

June 17, 2025

android users malware stay alert

A new strain of malware called "Crocodilus" is targeting Android users, designed to steal funds. It spreads through advertisements on social media that entice users to download an app with promises of rewards. Once installed, the malware can modify the user's contact list, adding numbers under trustworthy names like "Bank Support" to deceive victims. Security experts from Threat Fabric warn that this malware represents a significant threat and recommend that users only download apps from trusted sources like the Google Play Store, and to verify app developer credentials and user reviews before installation.

Winsage

April 13, 2025

Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed

Microsoft addressed over 120 vulnerabilities during its April 2025 Patch Tuesday, including a critical zero-day vulnerability (CVE-2025-29824) that is actively exploited. WinRAR users are urged to update to version 7.11 due to a vulnerability (CVE-2025-31334) that allows attackers to bypass Windows' Mark of the Web security feature. Chief Information Security Officers (CISOs) are experiencing security platform fatigue due to the proliferation of multiple security tools. President Donald Trump signed an Executive Order revoking security clearances for Chris Krebs and his colleagues at SentinelOne. Cyber crisis simulations are becoming essential for organizational preparedness against evolving cyber threats. Fortinet has released patches for vulnerabilities, including a critical flaw (CVE-2024-48887) in FortiSwitch appliances. WhatsApp users should update their Windows client app to fix a vulnerability (CVE-2025-30401) that could allow harmful code execution. Kevin Serafin, CISO at Ecolab, discussed aligning security initiatives with business objectives. There is a rise in compromised large language model (LLM) attacks and risks associated with AI autonomy. New open-source tools like the YES3 Scanner and APTRS have been developed to enhance security capabilities. The cybersecurity job market remains strong, with increasing demand for skilled professionals.

Winsage

December 28, 2024

This Windows 11 bug can stop your security updates — here’s how to avoid it

Windows 11, version 24H2 has a security issue affecting updates released between October 8 and November 12, which may prevent further security updates and leave devices vulnerable. The latest version released on December 10 allows users to create installation discs or USB keys to ensure ongoing security updates. Alternatively, users can update directly through Windows Update or the Microsoft Update Catalog for better security and performance. If currently using Windows 11 installed via disc or USB with the October or November updates, upgrading to version 24H2 is recommended. Windows 10 Home and Pro will reach end of life on October 14, 2025, after which Microsoft will stop providing updates. Users are advised to upgrade to Windows 11 before this deadline.

AppWizard

December 23, 2024

Urgent Android warning for anyone who uses Amazon – delete dangerous app now

McAfee's security team discovered a malicious app named "BMI CalculationVsn" in Amazon's Android Appstore, which pretended to be a health tracker but was capable of screen recording, password theft, and accessing private SMS messages. Following the report, Amazon removed the app from its platform, and users who downloaded it are advised to uninstall it immediately. McAfee recommends that Android users install reliable antivirus software, scrutinize permission requests before downloading apps, and monitor app behavior for unusual activity to enhance their security.

Winsage

December 15, 2024

Dangerous New Windows Drive-By Security Alert—What You Need To Know

Cloak ransomware, emerging in 2022, has quickly become a significant threat in the cyber landscape, with a new variant raising concerns due to its advanced capabilities. The group uses initial access brokers and social engineering techniques, including phishing and malicious advertising, to gain network access. The ransomware employs a drive-by download method, disguising itself as legitimate system updates. Cloak may have connections to the Good Day ransomware group and utilizes a variant derived from leaked Babuk ransomware source code. Once delivered, it employs sophisticated mechanisms for extraction and privilege escalation, terminating security processes and modifying system settings to hinder recovery. The encryption process uses Curve25519 and SHA512 algorithms, and it exhibits advanced evasion techniques. Cloak ensures payload persistence by altering Windows registry entries and restricting user actions, disrupting essential system utilities and leading to operational downtime. Its extortion tactics include disguising ransom notes as desktop wallpapers and employing intermittent encryption to maximize damage. The ransomware deletes shadow copies and backups, complicating recovery efforts. Cloak also utilizes a data leak site to publish or sell stolen data if ransom demands are not met, claiming a ransom payment success rate of 91% to 96%. Windows users are advised to implement comprehensive security measures to reduce the risk of attacks.

AppWizard

November 26, 2024

Security Alert Issued Against Surge of ‘Spyloan’ Android Apps On The Play Store

A recent investigation by McAfee has identified over a dozen deceptive applications on the Android Play Store that pose as legitimate loan providers. These apps, known as Spyloan apps, are scams that exploit users by accessing sensitive personal data, potentially leading to extortion. They mimic reputable platforms and use marketing tactics to create a false sense of urgency. Privacy agreements associated with these apps can be invasive, allowing access to users' messages, contacts, and call history, and in some cases, the device's camera. Victims of these scams have faced severe consequences, including blackmail and threats. The fraudulent applications have a global reach, affecting countries such as Indonesia, Mexico, and Colombia. Google has removed several of these apps, while others have been modified to avoid detection. McAfee advises users to check developer details and read user reviews to avoid scams.

Winsage

September 28, 2024

Google Chrome Security Alert: Indian Govt Issues Major Warning For Windows And Mac Users – News18

The Indian government issued a security alert on September 26 regarding vulnerabilities in Google Chrome, as announced by the Indian Computer Emergency Response Team (CERT-In). Users on Windows, macOS, and Linux are at risk, particularly those using versions prior to 129.0.6668.70/.71 for Windows and Mac, and prior to 129.0.6668.70 for Linux. The vulnerabilities could allow remote attackers to execute arbitrary code and crash the application, stemming from issues such as Type Confusion in V8, Use after Free in Dawn, Integer Overflow in Skia, and inappropriate implementation in V8. Users are advised to update their browsers to the latest version to mitigate these risks.