security measures

Winsage
November 8, 2024
Researchers have identified a new threat campaign called SteelFox, which uses counterfeit software activators and cracks to infiltrate Windows systems. The campaign deploys a vulnerable driver, information-stealing malware, and a cryptocurrency miner, compromising sensitive data and exploiting system resources for illicit mining. Victims are reported globally, including regions from Brazil to China, affecting users of commercial software like Foxit PDF Editor, JetBrains, and AutoCAD. Cybercriminals continue to advertise these fake software solutions, increasing the potential for further infections.
Tech Optimizer
November 7, 2024
Microsoft's Windows Security suite, also known as Windows Defender, has evolved since 2006 into a more robust security tool. However, it has limitations: 1. Web protection is limited to Microsoft Edge, with the SmartScreen feature not available for Chrome or Firefox users. 2. There is no built-in VPN; a VPN service is only available through a paid Microsoft 365 subscription with a 50 GB monthly data cap. 3. It lacks an integrated password manager, leaving users to rely on third-party solutions for password management. 4. For business users, it does not provide endpoint protection or automated response capabilities, which are essential for recovering from attacks like ransomware or DDoS. Microsoft offers Defender for Endpoint as a paid service, but many businesses may still need third-party antivirus solutions for comprehensive protection.
AppWizard
November 7, 2024
Twelve malicious Android applications have been identified that can take control of devices to record audio and perform other harmful activities. These apps include: 1. Rafaqat 2. Privee Talk 3. MeetMe 4. Let’s Chat 5. Quick Chat 6. Chit Chat 7. YohooTalk 8. TikTalk 9. Hello Cha 10. Nidus 11. GlowChat 12. Wave Chat The first six were available on the Google Play Store and were downloaded over 1,400 times before removal. Users are advised to uninstall these apps immediately and remain cautious about downloading unfamiliar applications or clicking on suspicious links.
AppWizard
November 6, 2024
A potential update to the Google Play Store is expected to enhance the sideloading experience for Android users by simplifying the process and improving security measures. The update will introduce a temporary pause function for Play Protect, allowing it to be disabled for a maximum of one day during sideloading, which addresses the current need for users to manually disable and later reactivate the feature. The timeline for this update is unclear, but it may coincide with the release of Android 16.
AppWizard
November 6, 2024
A new Android malware named "ToxicPanda" was first identified in late October 2024 and has been reclassified as a unique entity after initial classification under the TgToxic family. It poses a risk through account takeover via on-device fraud and primarily targets retail banking applications on Android devices. The malware has spread significantly in Italy, Portugal, Spain, and various Latin American regions, with over 1,500 devices reported as victims. ToxicPanda allows cybercriminals to gain remote access to infected devices, intercept one-time passwords, and bypass two-factor authentication. The threat actors are likely Chinese speakers, which is unusual for targeting European banking. The malware spreads through social engineering tactics, encouraging users to side-load the malicious app, and exploits Android’s accessibility services for elevated permissions. Cleafy’s analysis indicates that ToxicPanda's command-and-control infrastructure shows evolving operational strategies, and the malware may undergo further modifications. The challenges for security professionals are increasing as malware operators refine their tactics and expand their targets. Cleafy noted that contemporary antivirus solutions have struggled to detect ToxicPanda due to a lack of proactive, real-time detection systems.
Tech Optimizer
November 5, 2024
Neon has launched Neon Authorize, a feature that enhances permission and access control management for developers using its serverless Postgres database. This feature incorporates Postgres Row-Level Security (RLS) to protect data from unauthorized access, allowing for the establishment of authorization policies at the database level. Recent findings from OWASP indicate that broken access control is a significant risk in web application security, with 94% of applications tested showing vulnerabilities. RLS enables database administrators to control user access at a granular level, making it particularly useful for multi-tenant applications. Neon Authorize simplifies the integration of authentication providers, allowing developers to authenticate database calls using JSON Web Tokens (JWT). Andy Young from Lockdown Ventures noted that adopting Neon Authorize improved security, simplified application code, and enhanced performance, with the migration process taking less than a day.
AppWizard
November 5, 2024
Google is developing a feature for its Play Store that allows users to temporarily pause Play Protect for one day instead of disabling it completely. This feature aims to enhance user safety by automatically reactivating Play Protect after the pause period and includes a warning prompt about potential scams when users attempt to pause or turn off the security feature. The feature is expected to be available to users in the near future.
Winsage
November 5, 2024
Microsoft has launched Windows Server 2025, which became generally available on November 1st. This version is classified as LTSC (Long-Term Servicing Channel), with mainstream support until October 2029 and extended support until October 2034. Key features include hot patching, an easily activated OpenSSH server, improved security for SMB shares, and enhancements to Hyper-V and Active Directory. Known issues include potential installation problems for systems with 256 logical cores and challenges in iSCSI environments. Windows Server 2025 is accessible through standard channels, with ISO images and VHD files available on the evaluation page.
Winsage
November 4, 2024
Microsoft has officially announced the general availability of Windows Server 2025 on November 1st. This release is part of the Long-Term Servicing Channel (LTSC), with mainstream support ending in October 2029 and extended support lasting until October 2034. Key features include hot patching, which reduces reboots from twelve times a year to once every three months, an easily activated OpenSSH server, enhancements to the Hyper-V virtualization platform, and new security measures for Active Directory. However, there are known issues, such as installation problems and unexpected behavior on systems with 256 logical CPU cores. Windows Server 2025 is accessible through standard distribution channels, with ISO images and VHD files available on the evaluation page.
Search