security breaches Archives

AppWizard

March 31, 2025

Android users ALERT! Google has an update but you need to stop installing THESE apps?

Google's AI-driven threat detection and security measures blocked approximately 2.36 million policy-violating applications from being released on the Play Store last year. In February, Google removed hundreds of malicious applications that were infecting devices with adware and malware. Over 50 times more Android malware originates from internet-sideloaded sources compared to those found on the Play Store. Google is expanding its Play Protect feature across all applications and the upcoming Android 15 will introduce live threat detection. Sophos warned about PJobRAT malware, which can steal SMS messages, contacts, and files from infected Android devices. Experts advise against sideloading apps unless their legitimacy and security are certain.

AppWizard

March 27, 2025

What Is Signal, the App Used by Trump Staff, and Is It Safe?

The Trump administration is under scrutiny for officials using the messaging app Signal for discussions about sensitive military operations, revealed in an article by Jeffrey Goldberg on March 24. Secretary of Defense Pete Hegseth and others discussed military actions in Yemen via Signal, despite prior warnings from the U.S. government against using such applications for official communications. Democratic lawmakers, including Senator Chuck Schumer, are calling for an investigation into potential national security breaches. Signal, launched in 2014, emphasizes privacy through end-to-end encryption and has gained popularity among activists. However, its use in government contexts is contentious, with previous reprimands for non-compliance with federal record preservation requirements. Concerns have been raised about sharing sensitive information on Signal, although intelligence officials stated that no classified information was exchanged in the Trump officials' conversations. The Pentagon has warned military personnel about using Signal due to risks from Russian hackers, and experts suggest that government-specific communication tools would provide a higher level of security.

Winsage

March 13, 2025

WinRing0: Why Windows is flagging your PC monitoring and fan control apps as a threat

On Tuesday morning, PC gamers received unexpected alerts from Windows Defender regarding a tool called WinRing0, which raised concerns about potential security breaches. This issue affected various hardware monitoring applications, including Razer Synapse, SteelSeries Engine, and MSI Afterburner, leading to erratic computer behavior after the HackTool was quarantined. Developers noted that WinRing0, while useful for accessing hardware data, has been flagged due to security vulnerabilities. Microsoft is under pressure to tighten software access to low-level hardware, prompting scrutiny of WinRing0. Some developers labeled the detection as a "false positive," arguing that their applications are not malicious. Timothy Sun's company developed a proprietary SMBus driver to avoid WinRing0, but this transition required significant resources. WinRing0 has been patched, but challenges remain in getting a new version signed by Microsoft. iBuyPower has expressed interest in pursuing a signed update for WinRing0, while companies like Razer and SteelSeries are working to eliminate reliance on it in their software updates.

Winsage

March 10, 2025

Microsoft: Don’t fall for unwanted apps on Windows 10, clean install Windows 11 ASAP

Microsoft has revised its support documentation to highlight the importance of recognizing unsafe applications on Windows 10 and encourages users to upgrade to Windows 11. Applications on a PC can be categorized into three groups: Clean apps (from the Microsoft Store or pre-installed), malware apps (from untrusted sources), and potentially unwanted apps (PUAs) which may not be malicious but can clutter user experience. Microsoft warns that after October 2025, Windows 10 will no longer receive updates, increasing vulnerability to cyber threats. Upgrading to Windows 11 enhances security with features like Smart App Control. To clean install Windows 11, users need the Media Creation Tool to create a bootable USB drive. The process involves downloading the tool, creating the USB, and then installing Windows 11 on the target PC. Users should ensure their PC meets the hardware requirements for Windows 11. After upgrading to Windows 11, users are advised to configure settings to block potentially unwanted applications by enabling options in the Privacy and Security settings. To minimize risks, it is recommended to download apps from the Microsoft Store, keep Windows 11 updated, and use the Microsoft Edge browser with SmartScreen.

Tech Optimizer

March 9, 2025

Do Macs Really Need Antivirus? The Truth About Mac Security in 2025

Mac users have historically believed their computers are immune to viruses and malware, but this notion may be outdated as cyber threats evolve. The rise in popularity of Macs has attracted cybercriminals, leading to the development of sophisticated malware and ransomware specifically targeting Mac operating systems. Phishing attacks have also become more prevalent, using impersonation tactics to extract sensitive information from users. Built-in security features like Gatekeeper and XProtect provide some protection, but experts now recommend considering third-party antivirus solutions for enhanced security, especially when handling private information, downloading from unverified sources, or using Macs in business environments. While some users worry that antivirus programs may slow down their systems, modern options are designed to be more efficient. Ultimately, the decision to use antivirus software depends on individual digital habits and risk tolerance.

Winsage

March 5, 2025

Microsoft To Remove DES Encryption from Windows 11 24H2 & Windows Server 2025

Microsoft plans to phase out the Data Encryption Standard (DES) encryption algorithm from Kerberos authentication in future Windows releases, specifically affecting Windows Server 2025 and Windows 11 version 24H2 after updates on or after September 9, 2025. This is part of Microsoft's Secure Future Initiative aimed at eliminating outdated encryption technologies. DES, established in 1977, has become vulnerable to security breaches and was integrated into Kerberos in 1993. While Windows has not relied solely on DES, it has been disabled by default since Windows 7 and Windows Server 2008 R2, although it remains available as an optional feature. After September 2025, affected systems will enter "DES in Kerberos Disabled Mode," making DES unsupported. Microsoft advises organizations to identify and address any existing DES usage before the deadline, recommending the use of PowerShell scripts to detect DES in security event logs and to disable it through Active Directory and Group Policy settings. Organizations should transition to more secure ciphers like the Advanced Encryption Standard (AES) and ensure compatibility with AES by changing passwords for accounts on older domain controllers.

AppWizard

March 4, 2025

Google Password Manager may be set to introduce a nuclear option for its Android app

Google is enhancing its Password Manager by introducing a 'delete all' option, allowing users to remove all saved credentials at once instead of individually. Screenshots indicate a new setting that reads, “Delete all data: From Google Password Manager, including passwords and passkeys.” Currently, users must delete their entire browser data to remove all passwords, which is not ideal. This feature is particularly useful for users migrating to different password managers. Although Google has not confirmed the rollout, the anticipation reflects the demand for better password management solutions.

Tech Optimizer

February 17, 2025

Mac users beware: AI-powered malware threats are on the rise

Apple devices, particularly Macs, are facing an increase in cyberattacks, with a new wave of sophisticated malware targeting sensitive data. The emergence of Atomic Stealer (AMOS) in mid-2023 marked a shift from less harmful adware to more serious threats, with AMOS being marketed as a user-friendly service. By mid-2024, Poseidon became the leading Mac information stealer, responsible for 70% of infections and capable of draining various cryptocurrency wallets and capturing sensitive credentials. Cybercriminals are also using malvertising to lure users into downloading disguised malware. Android users are experiencing an even more severe situation, with a significant rise in phishing attacks. In 2024, researchers identified 22,800 malicious apps designed for phishing, along with thousands capable of reading one-time passwords (OTPs). These apps often mimic legitimate software and can easily infiltrate app stores, including Google Play. While Google Play Protect offers some malware protection, it is not entirely effective. To protect against malware threats, it is recommended to use strong antivirus software, be cautious with downloads and links, keep software updated, use strong and unique passwords, and enable two-factor authentication (2FA) for critical accounts.

Winsage

February 11, 2025

Windows 10 end of life: How to prepare for the October deadline

Windows 10 will reach its end of life on October 14, 2025, after which it will no longer receive security updates. As of December 2024, over 62% of devices globally were still using Windows 10. Many organizations are delaying the upgrade to Windows 11 due to hardware compatibility issues, budget constraints, and the time required for employee training. Remaining on Windows 10 poses risks such as increased vulnerability to cyber threats and operational inefficiencies. Microsoft offers an Extended Security Updates program for organizations needing more time, but experts recommend investing in upgrading to Windows 11 for long-term benefits. The transition may require replacing incompatible devices and careful planning to minimize disruptions.

AppWizard

December 23, 2024

Amazon’s App Store Has This Dangerous Android Health App That Can Steal Your Data

The Amazon App Store is hosting a potentially harmful app named BMICalculationVsn, marketed as a body mass index (BMI) calculator. Developed by PT Visionet Data Internasional, the app has been flagged as spyware by McAfee Labs, raising privacy concerns due to its requests for sensitive information such as passwords, payment details, and audio recordings. The app has thousands of installations and has been identified as a security threat since October 8, 2024. Users are advised to keep their Play Protect feature active to mitigate risks associated with third-party app stores.