security measures

Winsage
November 8, 2024
Researchers have identified a new threat campaign called SteelFox, which uses counterfeit software activators and cracks to infiltrate Windows systems. The campaign deploys a vulnerable driver, information-stealing malware, and a cryptocurrency miner, compromising sensitive data and exploiting system resources for illicit mining. Victims are reported globally, including regions from Brazil to China, affecting users of commercial software like Foxit PDF Editor, JetBrains, and AutoCAD. Cybercriminals continue to advertise these fake software solutions, increasing the potential for further infections.
Tech Optimizer
November 7, 2024
Microsoft's Windows Security suite, also known as Windows Defender, has evolved since 2006 into a more robust security tool. However, it has limitations:
1. Web protection is limited to Microsoft Edge, with the SmartScreen feature not available for Chrome or Firefox users.
2. There is no built-in VPN; a VPN service is only available through a paid Microsoft 365 subscription with a 50 GB monthly data cap.
3. It lacks an integrated password manager, leaving users to rely on third-party solutions for password management.
4. For business users, it does not provide endpoint protection or automated response capabilities, which are essential for recovering from attacks like ransomware or DDoS.
Microsoft offers Defender for Endpoint as a paid service, but many businesses may still need third-party antivirus solutions for comprehensive protection.
AppWizard
November 7, 2024
Twelve malicious Android applications have been identified that can take control of devices to record audio and perform other harmful activities. These apps include: 1. Rafaqat 2. Privee Talk 3. MeetMe 4. Let’s Chat 5. Quick Chat 6. Chit Chat 7. YohooTalk 8. TikTalk 9. Hello Cha 10. Nidus 11. GlowChat 12. Wave Chat. The first six were available on the Google Play Store and were downloaded over 1,400 times before removal. Users are advised to uninstall these apps immediately and remain cautious about downloading unfamiliar applications or clicking on suspicious links.
AppWizard
November 6, 2024
A potential update to the Google Play Store is expected to enhance the sideloading experience for Android users by simplifying the process and improving security measures. The update will introduce a temporary pause function for Play Protect, allowing it to be disabled for a maximum of one day during sideloading, which addresses the current need for users to manually disable and later reactivate the feature. The timeline for this update is unclear, but it may coincide with the release of Android 16.
AppWizard
November 6, 2024
A new Android malware named "ToxicPanda" was first identified in late October 2024 and has been reclassified as a unique entity after initial classification under the TgToxic family. It poses a risk through account takeover via on-device fraud and primarily targets retail banking applications on Android devices. The malware has spread significantly in Italy, Portugal, Spain, and various Latin American regions, with over 1,500 devices reported as victims. ToxicPanda allows cybercriminals to gain remote access to infected devices, intercept one-time passwords, and bypass two-factor authentication. The threat actors are likely Chinese speakers, which is unusual for targeting European banking. The malware spreads through social engineering tactics, encouraging users to side-load the malicious app, and exploits Android’s accessibility services for elevated permissions. Cleafy’s analysis indicates that ToxicPanda's command-and-control infrastructure shows evolving operational strategies, and the malware may undergo further modifications. The challenges for security professionals are increasing as malware operators refine their tactics and expand their targets. Cleafy noted that contemporary antivirus solutions have struggled to detect ToxicPanda due to a lack of proactive, real-time detection systems.
Tech Optimizer
November 5, 2024
Neon has launched Neon Authorize, a feature that enhances permission and access control management for developers using its serverless Postgres database. This feature incorporates Postgres Row-Level Security (RLS) to protect data from unauthorized access, allowing for the establishment of authorization policies at the database level. Recent findings from OWASP indicate that broken access control is a significant risk in web application security, with 94% of applications tested showing vulnerabilities. RLS enables database administrators to control user access at a granular level, making it particularly useful for multi-tenant applications. Neon Authorize simplifies the integration of authentication providers, allowing developers to authenticate database calls using JSON Web Tokens (JWT). Andy Young from Lockdown Ventures noted that adopting Neon Authorize improved security, simplified application code, and enhanced performance, with the migration process taking less than a day.
AppWizard
November 5, 2024
Google is developing a feature for its Play Store that allows users to temporarily pause Play Protect for one day instead of disabling it completely. This feature aims to enhance user safety by automatically reactivating Play Protect after the pause period and includes a warning prompt about potential scams when users attempt to pause or turn off the security feature. The feature is expected to be available to users in the near future.
Winsage
November 5, 2024
Microsoft has launched Windows Server 2025, which became generally available on November 1st. This version is classified as LTSC (Long-Term Servicing Channel), with mainstream support until October 2029 and extended support until October 2034. Key features include hot patching, an easily activated OpenSSH server, improved security for SMB shares, and enhancements to Hyper-V and Active Directory. Known issues include potential installation problems for systems with 256 logical cores and challenges in iSCSI environments. Windows Server 2025 is accessible through standard channels, with ISO images and VHD files available on the evaluation page.
Winsage
November 4, 2024
Microsoft has officially announced the general availability of Windows Server 2025 on November 1st. This release is part of the Long-Term Servicing Channel (LTSC), with mainstream support ending in October 2029 and extended support lasting until October 2034. Key features include hot patching, which reduces reboots from twelve times a year to once every three months, an easily activated OpenSSH server, enhancements to the Hyper-V virtualization platform, and new security measures for Active Directory. However, there are known issues, such as installation problems and unexpected behavior on systems with 256 logical CPU cores. Windows Server 2025 is accessible through standard distribution channels, with ISO images and VHD files available on the evaluation page.
Winsage
November 3, 2024
The FBI has warned users about vulnerabilities in popular webmail accounts, highlighting risks to passwords and multifactor authentication (MFA) due to emerging cyber threats. The Cybersecurity and Infrastructure Security Agency (CISA) has advised Windows users to reconsider SMS-based MFA. CISA's guidance targets Chief Information Security Officers (CISOs) and enterprise users, emphasizing a sophisticated spear-phishing campaign affecting various sectors, including government and IT. Spear phishing, although less than 0.1% of phishing emails, accounts for 66% of successful breaches, with average costs of USD 4.76 million and potential losses up to USD 100 million. CISA notes that foreign threat actors often impersonate trusted entities and use malicious remote desktop protocol (RDP) files to gain unauthorized access. CISA has recommended ten security measures for organizations, including restricting outbound RDP connections, blocking RDP files, enabling MFA, and adopting phishing-resistant authentication methods. CISA advises against SMS-based MFA due to its vulnerability to SIM-jacking attacks. Kaspersky has raised concerns about SIM swap fraud, particularly in areas with high smartphone usage. Organizations are encouraged to use stronger MFA alternatives, such as software authenticators or passkeys.