security breaches

Winsage
May 29, 2025
October 14, 2025, marks the end of support for Windows 10, meaning devices running this OS will stop receiving security patches and updates. Since the end of 2022, Windows 10 has only received security patches without new features. While it will continue to function, its security will be compromised. Organizations may need to consult IT professionals before relying on unsupported operating systems. It is also advisable to assess older infrastructure that may depend on outdated operating systems. Upgrading to Windows 11, specifically version 24H2, is recommended before the October 2025 deadline, as unsupported operating systems pose significant security risks.
Winsage
May 28, 2025
Windows 10 and Windows 11 users are experiencing a rise in phishing emails that appear to be from Microsoft, according to Action Fraud, the UK's national fraud and cybercrime reporting center. Over 250 users have reported receiving fraudulent messages claiming their devices are infected with malware, often encouraging them to click on malicious links. These emails may look credible, sometimes using legitimate Microsoft addresses. Action Fraud advises users to verify messages directly with organizations using official contact details and warns that legitimate institutions will never request personal information via email. Microsoft also states it does not send unsolicited emails or calls for personal information and recommends downloading software only from official sources.
Tech Optimizer
May 23, 2025
Cloudflare, in collaboration with Microsoft and international law enforcement, has dismantled the infrastructure of LummaC2, an information-stealing malware service. This initiative led to the seizure and blocking of malicious domains and disrupted digital marketplaces used by criminals. Lumma Stealer operates as a subscription service providing threat actors access to a central panel for customized malware builds and stolen data retrieval. The stolen information includes credentials, cryptocurrency wallets, and sensitive data, posing risks of identity theft and financial fraud. Lumma Stealer was first identified on Russian-language crime forums in early 2023 and has since migrated to Telegram for distribution. Its proliferation is facilitated by social engineering campaigns, including deceptive pop-ups and bundled malware in cracked software. Cloudflare implemented measures to block access to Lumma's command and control servers and collaborated with various authorities to prevent the criminals from regaining control. Mitigation strategies for users include restricting unknown scripts, limiting password storage in browsers, and using reputable endpoint protection tools. The operation has significantly hindered Lumma's operations and aims to undermine the infostealer-as-a-service model contributing to cybercrime.
AppWizard
March 31, 2025
Google's AI-driven threat detection and security measures blocked approximately 2.36 million policy-violating applications from being released on the Play Store last year. In February, Google removed hundreds of malicious applications that were infecting devices with adware and malware. Internet-sideloaded sources account for over 50 times more Android malware than the Play Store. Google is expanding its Play Protect feature across all applications and the upcoming Android 15 will introduce live threat detection. Sophos warned about PJobRAT malware, which can steal SMS messages, contacts, and files from infected Android devices. Experts advise against sideloading apps unless their legitimacy and security are certain.
Winsage
March 13, 2025
On Tuesday morning, PC gamers received unexpected alerts from Windows Defender regarding a tool called WinRing0, which raised concerns about potential security breaches. This issue affected various hardware monitoring applications, including Razer Synapse, SteelSeries Engine, and MSI Afterburner, leading to erratic computer behavior after the HackTool was quarantined. Developers noted that WinRing0, while useful for accessing hardware data, has been flagged due to security vulnerabilities. Microsoft is under pressure to tighten software access to low-level hardware, prompting scrutiny of WinRing0. Some developers labeled the detection as a "false positive," arguing that their applications are not malicious. Timothy Sun's company developed a proprietary SMBus driver to avoid WinRing0, but this transition required significant resources. WinRing0 has been patched, but challenges remain in getting a new version signed by Microsoft. iBuyPower has expressed interest in pursuing a signed update for WinRing0, while companies like Razer and SteelSeries are working to eliminate reliance on it in their software updates.
Winsage
March 10, 2025
Microsoft has revised its support documentation to highlight the importance of recognizing unsafe applications on Windows 10 and encourages users to upgrade to Windows 11. Applications on a PC can be categorized into three groups: clean apps (from the Microsoft Store or pre-installed), malware apps (from untrusted sources), and potentially unwanted apps (PUAs), which may not be malicious but can clutter the user experience. Microsoft warns that after October 2025, Windows 10 will no longer receive updates, increasing vulnerability to cyber threats. Upgrading to Windows 11 enhances security with features like Smart App Control. To clean install Windows 11, users need the Media Creation Tool to create a bootable USB drive. The process involves downloading the tool, creating the USB, and then installing Windows 11 on the target PC. Users should ensure their PC meets the hardware requirements for Windows 11. After upgrading to Windows 11, users are advised to configure settings to block potentially unwanted applications by enabling options in the Privacy and Security settings. To minimize risks, it is recommended to download apps from the Microsoft Store, keep Windows 11 updated, and use the Microsoft Edge browser with SmartScreen.
Tech Optimizer
March 9, 2025
Mac users have historically believed their computers are immune to viruses and malware, but this notion may be outdated as cyber threats evolve. The rise in popularity of Macs has attracted cybercriminals, leading to the development of sophisticated malware and ransomware specifically targeting Mac operating systems. Phishing attacks have also become more prevalent, using impersonation tactics to extract sensitive information from users. Built-in security features like Gatekeeper and XProtect provide some protection, but experts now recommend considering third-party antivirus solutions for enhanced security, especially when handling private information, downloading from unverified sources, or using Macs in business environments. While some users worry that antivirus programs may slow down their systems, modern options are designed to be more efficient. Ultimately, the decision to use antivirus software depends on individual digital habits and risk tolerance.
AppWizard
March 4, 2025
Google is enhancing its Password Manager by introducing a 'delete all' option, allowing users to remove all saved credentials at once instead of individually. Screenshots indicate a new setting that reads, “Delete all data: From Google Password Manager, including passwords and passkeys.” Currently, users must delete their entire browser data to remove all passwords, which is not ideal. This feature is particularly useful for users migrating to different password managers. Although Google has not confirmed the rollout, the anticipation reflects the demand for better password management solutions.