security measures Archives

Winsage

February 20, 2025

Ditch the outdated OS — get Windows 11 Pro for life for just $18

A lifetime license for Microsoft Windows 11 Pro is available for .97 until March 30. The license includes features such as no recurring fees, advanced productivity tools, robust security measures, AI-powered Copilot, enhanced gaming experience with DirectX 12 Ultimate, and access to professional-grade tools. Users can install the software on two devices and will receive an instant redemption code via email.

Winsage

February 19, 2025

A new and dangerous keylogger is on the loose – here’s how to stay safe

Cybersecurity experts at Fortinet have identified a new threat called the Snake Keylogger, which has been involved in over 280 million blocked infection attempts. This malware uses advanced obfuscation techniques, making it difficult to detect and neutralize, and poses risks to individuals and organizations by allowing attackers access to sensitive data. Cybersecurity professionals recommend proactive defense strategies, including keeping antivirus software updated and educating users about cybersecurity issues. Fortinet has not revealed the creators of the Snake Keylogger or specific industries it targets.

AppWizard

February 19, 2025

Chrome for Android could soon have your back when you download shady apps

Google is developing a feature for Chrome on Android that will allow the browser to scan downloaded APK files for malware. This feature is currently being tested in Chrome Canary and aims to provide an additional layer of protection alongside Google Play Protect, which already scans applications before installation. Users will receive notifications about the safety of their APK downloads, with a message indicating that the APK downloads are being checked for malware. This functionality is expected to enhance user confidence and reduce the risk of malware infiltration during the download process.

AppWizard

February 19, 2025

Warning over privacy of encrypted messages as Russia targets Signal…

Russia-backed hacking groups have advanced their techniques to infiltrate encrypted messaging platforms like Signal, WhatsApp, and Telegram, posing a threat to journalists, politicians, and activists. These hackers are targeting Signal's "linked devices" feature using malicious QR codes to gain real-time access to victims' messages. Incidents have included compromised Signal accounts leading to military strikes. The Sandworm group has been linked to compromising Signal accounts on devices captured in Ukraine, utilizing a Russian-language website to provide instructions for linking accounts to their infrastructure. Successful breaches often go undetected for long periods, with attackers using modified Signal group invite pages and phishing kits. Additionally, threat actors have stolen Signal database files from Android and Windows devices, with malware like Infamous Chisel extracting sensitive data. Attacks on Signal and other messaging services are increasing, with Russia-aligned groups employing social engineering tactics against users of WhatsApp. In response, Signal has enhanced security measures, including a new interface to alert users of unauthorized device links and additional authentication steps.

Winsage

February 19, 2025

Snake Keylogger Variant Hits Windows, Steals Data via Telegram Bots

Cybersecurity experts at FortiGuard Labs have identified a new variant of the Snake Keylogger, known as AutoIt/Injector.GTY!tr, which targets Windows users and has blocked over 280 million infection attempts worldwide, particularly in China, Turkey, Indonesia, Taiwan, and Spain. The malware spreads primarily through phishing emails with malicious attachments or links and focuses on popular web browsers to steal sensitive information by logging keystrokes, capturing credentials, and monitoring clipboard activity. It exfiltrates data to its command-and-control server via email and Telegram bots. The malware uses AutoIt scripting to create standalone executables that evade antivirus detection. It installs itself by dropping "ageless.exe" in the %Local_AppData%supergroup folder and "ageless.vbs" in the %Startup% folder to ensure persistence. The malware employs process hollowing to inject its payload into a legitimate .NET process, allowing it to hide from detection. Additionally, the Snake Keylogger can retrieve the victim’s geolocation and extract sensitive information from browser autofill systems, including credit card details. It utilizes various techniques for data collection, credential access, defense evasion, and exfiltration, posing a significant threat to Windows users.

AppWizard

February 19, 2025

Chrome for Android adds new protection against malicious apps

Google is enhancing security measures for Android users by introducing a feature in Chrome for Android that will scan APK files for malware. This feature, currently in testing in Chrome Canary, will automatically check the safety of newly downloaded APK files, providing extra security for users who sideload applications. Play Protect already scans newly downloaded apps for malware and monitors installed applications for potential threats, alerting users and managing app permissions. The upcoming feature aims to improve security for sideloaded applications and reduce risks associated with harmful installations.

Winsage

February 18, 2025

Windows 10 Approaches Its End of Life: What You Need to Know

Microsoft has announced that Windows 10 will reach its end of support on October 14, 2025, meaning it will no longer receive security updates, bug fixes, or technical support. Users will be left vulnerable to malware and other cyber threats, and existing system issues will remain unresolved. Microsoft recommends upgrading to Windows 11, which offers new features, improved performance, and enhanced security. Users can upgrade to Windows 11 through Windows Update if their devices meet the system requirements. If not, they may need to consider new hardware. While Windows 10 will still receive security updates until the end of support date, it will not receive new features, prompting users to plan their migration to avoid security risks. It is advised to back up important data before transitioning to ensure a smooth upgrade process.

Tech Optimizer

February 18, 2025

Microsoft Discovers Return Of Alarming MacOS Malware With Sinister New Tricks

The XCSSET malware, discovered in 2020, allows cybercriminals remote access to developers' MacBooks and has led to a reassessment of macOS security measures. A new variant of XCSSET has been identified, specifically targeting macOS systems and exploiting vulnerabilities, particularly in keychains, to steal sensitive information like usernames and passwords. This variant spreads through Xcode projects and features enhanced functionality that makes detection and removal more challenging. It employs increased randomization in payload generation and uses both xxd and Base64 encoding. The malware can remain undetected, targeting Xcode projects for payload insertion and extracting data from cryptocurrency wallets and the Notes app. Microsoft has confirmed that its Defender for Endpoint on Mac can detect both the old and new variants of XCSSET, but developers are advised to exercise caution by downloading only from trusted sources, using the latest software versions, inspecting Xcode projects before opening them, and avoiding third-party applications.

Winsage

February 18, 2025

Windows Mobile Pos Terminal Market Size by Application, Type, Geographic Scope, and Forecast 2025-2032

The global Windows Mobile POS Terminal market is expected to grow significantly from 2025 to 2032, driven by the rise of mobile payment systems, digital transactions, and technological advancements. Key factors include the demand for flexible payment options in retail and hospitality, the increase in e-commerce and contactless payments, and ongoing innovations in security and software. Challenges such as high initial costs, regulatory complexities, supply chain disruptions, and market saturation in developed regions may hinder growth. Emerging trends include the integration of AI, automation, and IoT, a focus on sustainability, and a demand for personalized offerings. The competitive landscape features intense rivalry among key players, with a focus on product innovation and regional expansion, particularly in North America, Europe, and the rapidly growing Asia-Pacific region. Emerging markets in Latin America and the Middle East & Africa show potential for growth, despite facing economic and regulatory challenges.

Winsage

February 18, 2025

Earth Preta APT Exploit Microsoft Utility Tool to Control Windows

Researchers from Trend Micro's Threat Hunting team have identified a cyberattack campaign by the APT group Earth Preta, targeting government entities in the Asia-Pacific region, including Taiwan, Vietnam, Malaysia, and Thailand. The group uses spear-phishing emails and advanced malware to compromise Windows systems, notably employing the Microsoft Application Virtualization Injector (MAVInject.exe) to inject malicious payloads into legitimate processes. The attack typically begins with a malicious file, IRSetup.exe, which drops both legitimate and malicious files onto the system, often accompanied by a decoy PDF posing as an official document. Earth Preta utilizes a modified variant of the TONESHELL backdoor malware, sideloaded using OriginLegacyCLI.exe and a malicious DLL, EACore.dll. This malware communicates with a command-and-control server for data exfiltration and remote operations, offering capabilities such as reverse shell access, file deletion, and persistent storage of victim identifiers. The malware adapts its behavior based on the presence of ESET antivirus software, using different techniques for code injection. Trend Micro attributes this campaign to Earth Preta with medium confidence, noting that the group has compromised over 200 victims since at least 2022, primarily focusing on government entities and using phishing as the initial attack vector.