security software

Tech Optimizer
May 14, 2025
ESET is recognized as a leading antivirus provider in 2025, known for its robust security solutions that effectively combat rising cyber threats such as phishing, ransomware, and zero-day exploits. The company's offerings include heuristic and behavioral detection, ransomware and phishing protection, exploit blocker technology, and low resource usage, ensuring minimal impact on system performance. ESET provides various products for home users, including ESET HOME Security Essential, Premium, and Ultimate, as well as a Small Business Security package for up to 25 devices and scalable solutions for larger organizations. Pricing for home products starts at .99/year, with multi-device and multi-year discounts available. ESET operates in over 200 countries, utilizing a global network for real-time threat intelligence and maintaining a commitment to effective digital security since its establishment in 1992.
AppWizard
May 13, 2025
Mullvad VPN has announced that its Android app builds are now reproducible starting with version 2025.2, allowing users to verify that the app is built from the open-source code published by Mullvad. Reproducible builds ensure that the published source code matches the distributed application and that no unintended modifications occurred during the build process. Mullvad encourages users to engage in the verification process, providing the source code and instructions on its GitHub page.
Tech Optimizer
May 12, 2025
Cybersecurity developers have created a tool called defendnot, which disables Windows Defender by utilizing undocumented Windows Security Center (WSC) APIs. This tool is a successor to the no-defender project, which was taken down due to DMCA challenges. The developer reverse-engineered WSC’s validation algorithms and identified Taskmgr.exe as a suitable process to host the necessary code. Defendnot persists across reboots by adding itself to Windows autorun and can be managed via a command-line interface with options to disable Windows Defender and Windows Firewall. Unlike its predecessor, defendnot does not use third-party antivirus code. Security experts warn that disabling protection mechanisms should only be done in controlled environments by knowledgeable users.
AppWizard
May 9, 2025
Mullvad has introduced reproducible builds for its Android VPN application starting with version 2025.2, allowing users to confirm the legitimacy of the app before installation. Reproducible builds ensure that identical copies of the application can be recreated from the same source code, build environment, and instructions, providing assurance against unauthorized modifications. This decision follows a rise in malicious free VPN applications and malware distribution through counterfeit software. Currently, only the latest version of Mullvad's Android VPN app features this capability, with no confirmed plans for other platforms. Mullvad encourages technically skilled users to verify the builds and has provided instructions for the verification process.
Winsage
May 8, 2025
Threat actors associated with the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows, identified as CVE-2025-29824, before a patch was released on April 8, 2025. This vulnerability affects the Windows Common Log File System (CLFS) driver, allowing attackers to elevate their privileges to full system access. The Play ransomware group targeted an unnamed organization in the United States, likely gaining initial access through a public-facing Cisco Adaptive Security Appliance (ASA). During this intrusion, no ransomware payload was deployed; instead, the attackers used a custom information-stealing tool named Grixba. Microsoft attributed this activity to the threat group Storm-2460, known for deploying PipeMagic malware. The exploitation affected various sectors, including IT, real estate in the U.S., finance in Venezuela, software in Spain, and retail in Saudi Arabia. The vulnerability received a CVSS score of 7.8 and was addressed in Microsoft's April 2025 Patch Tuesday updates. The attack involved creating files in the path C:\ProgramData\SkyPDF, injecting a DLL into the winlogon.exe process, extracting credentials from LSASS memory, creating new administrator users, and establishing persistence. The Play ransomware group has been active since June 2022 and employs double-extortion tactics. Organizations are urged to apply the security updates released on April 8, 2025, especially for vulnerable Windows versions, while Windows 11 version 24H2 is not affected due to existing security mitigations.
Tech Optimizer
May 7, 2025
A friend is considering purchasing antivirus software for a new Windows PC and sought advice on the best options. Major antivirus providers include Norton, McAfee, AVG, and Bitdefender, but many features overlap with Windows Defender. Most home users may not need paid antivirus software, as Microsoft and Apple provide built-in solutions. Web browsers and email providers also offer protection against online threats. Windows 11 users can monitor security through the Windows Security dashboard, while Apple users should keep their systems updated. If encountering issues from suspicious links, downloading Malwarebytes is recommended for scanning and repair. The free version is available for both Mac and Windows, but the paid version is suggested for regular use. Opinions on antivirus necessity vary, and those using computers for business may consider investing in a security suite for added peace of mind.
Tech Optimizer
April 12, 2025
The author has transitioned from using third-party antivirus solutions to relying on Windows Security, which is built into Windows 10 and 11, due to its effectiveness and lack of cost. They emphasize the importance of keeping Windows Security updated and performing regular virus scans for added peace of mind. Ransomware protection features, such as Controlled Folder Access, are highlighted as essential. The Microsoft PC Manager app is recommended for optimizing system performance and security. The author advocates for good security hygiene, including avoiding suspicious emails and enabling two-factor authentication, as effective practices to maintain security without third-party antivirus software.
Tech Optimizer
April 9, 2025
A vulnerability in ESET's software, designated as CVE-2024-11859, allows state-backed hackers to introduce a malicious dynamic-link library (DLL) that can be executed via the ESET antivirus scanner. This malicious code operates discreetly, avoiding detection by system alerts. ESET classified the issue as medium severity with a CVSS score of 6.8 out of 10 and urged users to update their systems promptly to mitigate risks.
Winsage
April 9, 2025
Microsoft has implemented a compatibility hold for Windows 11 24H2 affecting devices using the sprotect.sys driver from SenseShield Technology, which is crucial for encryption protection in enterprise security software. This hold impacts all versions of the sprotect.sys driver, specifically versions 1.0.2.372 and 1.0.3.48903, causing potential disruptions such as unresponsiveness and black or blue screen errors. Users are advised not to force the Windows 11 24H2 update until the issue is resolved, and Microsoft is collaborating with SenseShield to investigate the problem. Additionally, Microsoft has previously issued holds for other issues related to Dirac Audio enhancement technology and AutoCAD 2022, raising concerns about the compatibility and stability of Windows 11 compared to Windows 10.