security threats Archives

AppWizard

June 12, 2026

Android users need to uninstall these apps ASAP as they are a security risk

Google will soon notify Android users when an app they installed has lost developer support. Currently, users only receive alerts from Play Protect for significant security threats or potentially harmful apps. The only way to discover if an app has been delisted is through external sources or by trying to install it on a new device. Recent findings in the Play Store indicate that Google is preparing to inform users when apps have been removed from the Play Store and will no longer receive updates. Abandoned apps pose significant security risks, as they may contain vulnerabilities that can be exploited by malicious actors. Google's new notifications aim to encourage users to uninstall unsupported apps to protect their personal data.

Tech Optimizer

June 9, 2026

I trusted Malwarebytes to secure my PC for a month

Malwarebytes is an effective antivirus solution that provides robust protection against cyber threats, identified and blocked threats efficiently during usage. The software features a user-friendly interface with a Dashboard that includes tools such as a system scanner, VPN, and Trusted Advisor, which assesses system security. The Privacy, Identity, Tools, and Scam Guard sections offer additional functionalities, including monitoring for data breaches and identifying fraudulent emails. Malwarebytes operates with minimal CPU resource usage while effectively blocking malware and phishing attempts. An independent evaluation by MRG Effitas confirmed its high performance, earning a Level 1 certification. Pricing for Malwarebytes Premium starts at an annual fee for the Standard plan, with additional options available.

Tech Optimizer

June 3, 2026

Endpoint Security Statistics By Market Share And Insights (2026)

Endpoints are critical computing devices connected to networks, including personal computers, tablets, smartphones, and smart appliances, and are often targeted in cyberattacks. Robust endpoint security is essential, especially in business environments with sensitive data. Endpoint protection solutions include antivirus software, endpoint detection and response (EDR) systems, and multi-factor authentication. - 81% of businesses have faced malware-related attacks. - 59% of ransomware incidents compromise data stored in public cloud environments. - In 2023, the average cost associated with breach detection and escalation reached USD 1.58 million. - 97% of executives access work accounts via personal devices. - During Q3 2024, malware detections at endpoints surged by 300%. - 13% of employees reported being victims of phishing attacks while working remotely. - 70% of employees using ChatGPT in the workplace do so without informing their employers. - 68% of companies have reported at least one successful endpoint attack that compromised their data or IT infrastructure. - 55% of professionals consider smartphones among the most vulnerable endpoints. - 47% of organizations monitor their networks around the clock. - The global financial impact of cybercrime is projected to exceed .5 trillion annually by 2025. - In 2021, 53% of organizations experienced successful ransomware attacks, marking a 148% increase from 2020. - Paying a ransom can double the total cost of a ransomware incident. - 40% of organizations delay patch rollouts to avoid potential conflicts. - 67% of IT professionals believe that Bring Your Own Device (BYOD) policies have weakened their organization's security posture. - 69% of Chief Information Security Officers (CISOs) expected at least one ransomware attack in 2022. - Only 50% of organizations encrypt sensitive data on their devices. - Organizations with a high number of remote workers face the greatest risks regarding endpoint security threats. - The endpoint security market is anticipated to grow from USD 13.37 billion in 2023 to USD 31.2 billion by 2032, with a compound annual growth rate (CAGR) of 12.1%. - Approximately 70% of companies plan to increase their investment in endpoint security solutions over the next two years. - The average financial impact of a data breach is estimated at around USD 4.88 million. - In 2023, the highest costs related to breaches were linked to detection and escalation, averaging USD 1.58 million. - As of 2024, the United States has the highest average cost of data breaches globally at USD 9.36 million. - A significant breach affecting 50 to 60 million records in 2024 is expected to cost USD 375 million. - Organizations facing compliance challenges typically incur an average breach cost of USD 5.05 million. - 40% of organizations admit to postponing patch implementations to avoid potential conflicts. - 92% of remote employees report using personal smartphones or tablets for work tasks. - 80% of executives are inclined to send work-related messages from personal devices. - 80-90% of successful ransomware attacks originate from unmanaged devices. - 62% of cybersecurity experts cite data loss and leaks as their primary concerns regarding BYOD policies. - 36% of employees using personal devices for work admit to delaying security updates. - 71% of employees store sensitive work passwords on personal phones. - 67% of organizations work with multiple vendors for management and security across various device types. - Only 42% of surveyed companies have a solution to proactively identify sensitive data on employee devices. - 38% of employees state that their employer lacks BYOD policies, or that existing policies are often disregarded. - There was a 300% increase in malware detections at endpoints during Q3 2024. - In 2024, a data breach involving Twilio compromised 33 million phone numbers linked to Authy accounts. - 90% of successful cyberattacks and up to 70% of data breaches originate from endpoint devices. - 54% of security experts reported that over 20% of their total endpoints were unmanaged. - 67% of Managed Service Providers (MSPs) faced AI-driven threats in the past year. - Among HR professionals who offboarded employees in the last year, 71% reported that at least one employee failed to return company-owned devices. - 65% of employees indicated they often bypass organizational security protocols to enhance productivity. - Over 90% of security incidents related to lost or stolen devices lead to unauthorized data breaches. - 13% of employees admit to being victims of phishing attacks while working remotely. - 63% of companies may have former employees retaining access to organizational data. - 62% of employees acknowledged transferring company intellectual property to personal devices. - 59% of stolen company-owned devices contained sensitive information. - Gartner estimates that shadow IT accounts for 30-40% of IT expenditures in large organizations. - 80% of employees engage in shadow IT activities. - 76% of small and medium-sized businesses (SMBs) believe shadow IT poses a security risk. - 58% of SMBs have encountered significant shadow IT initiatives without the knowledge of their official IT departments. - 30% of IT leaders cite information security as the primary challenge to adopting BYOD policies. - The prevalence of shadow IT has surged by 59% due to remote work. - 70% of employees using ChatGPT in the workplace do so without employer knowledge. - 32% of remote and hybrid employees use applications or software not sanctioned by IT. - 59% of organizations have experienced data loss due to cloud-based shadow IT. - ChatGPT is the most frequently used unauthorized application among employees. - By 2027, it is projected that 75% of employees will acquire, modify, or create technology beyond IT's visibility. - The trend of paying ransoms has increased; over 47.8% of companies chose to pay in Q3, rising to 59.6% in Q4. - Tanium raised USD 300 million in Series G funding, resulting in a valuation of USD 9 billion. - Cybereason secured USD 275 million in Series F funding. - SentinelOne acquired Attivo Networks in a transaction valued at USD 616 million.

AppWizard

May 27, 2026

‘No Future Updates’—Google Will Confirm Play Store App Deletion

Google is enhancing the security of its Play Store by removing high-risk and low-quality applications and will soon notify users when an app has been deleted from the Play Store. This notification will inform users that the app will no longer receive updates, which is crucial for security as unpatched apps can be exploited. Currently, users only receive alerts about significant security threats, but the new feature aims to improve user awareness regarding app removals. The change comes amid rising cyber threats, with a recent report indicating that vulnerability exploitation is a major risk. Previously, users were not notified about app removals, leaving them unaware unless they found out through other means.

Winsage

May 26, 2026

‘Restart Multiple Times’—Microsoft Changes Windows Next Week

Microsoft will begin the expiration of Secure Boot certificates on most PCs in June, marking the end of a 15-year period of stability. This affects all PCs manufactured before 2023. Users will likely need to perform multiple restarts during the update process, which includes pushing data into firmware and loading a new bootloader. Ignoring the Secure Boot deadline in June 2026 may lead to significant security risks, as Microsoft will stop providing essential boot updates and malware blacklists. The Windows Security App has been updated to help users monitor these changes, and users should check for warnings indicating the status of Secure Boot. It is important for Windows 10 users to ensure they are enrolled in the Extended Security Updates (ESU) program to avoid vulnerabilities.

Winsage

May 19, 2026

Introducing new Surface devices built for business and AI acceleration

IT leaders face challenges from the rise of artificial intelligence, sophisticated security threats, and scrutiny over investment decisions regarding PC fleets. Microsoft has introduced the Surface line to address these demands, integrating advanced silicon and software for enhanced security and AI capabilities. The new Surface Pro for Business and Surface Laptop for Business, powered by Intel Core Ultra Series 3 processors, offer significant performance improvements, including up to 35% better graphics than the MacBook Air with M5 and over 90% faster than the Laptop 5 on select configurations. The Surface Laptop for Business is available in 13-inch and 15-inch models, starting at 9.99, featuring a high-resolution touchscreen, advanced haptic touchpad, and up to 23 hours of battery life. The 13-inch Surface Pro for Business, also starting at 9.99, combines multiple input methods with on-device AI processing. All Surface devices are designed with security as a core principle, shipping as Secured-core PCs, and include an optional integrated privacy screen. They support AI applications both in the cloud and on-device, enhancing productivity. Devices can be managed through Microsoft Intune for operational efficiency. The new Surface devices are made from recycled materials, designed for energy efficiency, and certified by ENERGY STAR.

Winsage

May 14, 2026

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

An anonymous cybersecurity researcher disclosed two new zero-day vulnerabilities affecting Microsoft systems: YellowKey and GreenPlasma. YellowKey is a BitLocker bypass that operates as a backdoor within the Windows Recovery Environment, impacting Windows 11 and Windows Server 2022/2025. Exploiting YellowKey involves copying specially crafted files to a USB drive, connecting it to a Windows computer, and rebooting into WinRE. The researcher expressed skepticism about Microsoft's response time to this vulnerability, noting that using TPM+PIN does not mitigate the risk. GreenPlasma is a privilege escalation vulnerability that allows an unprivileged user to obtain a shell with SYSTEM permissions through arbitrary section creation in Windows CTFMON. The proof-of-concept for this exploit is incomplete but indicates potential manipulation of trusted privileged services or drivers. Additionally, a related attack against BitLocker was detailed by French cybersecurity firm Intrinsec, which exploits a boot manager downgrade using CVE-2025-48804 to bypass encryption protections on fully patched Windows 11 systems. This method allows attackers to boot from a controlled WIM while the boot manager checks the legitimate one, executing with the decrypted BitLocker volume. Despite Microsoft releasing fixes for this defect in July 2025, a flaw in Secure Boot verification allows a vulnerable boot manager to bypass BitLocker safeguards. To mitigate these risks, enabling a BitLocker PIN at startup and migrating to a new boot manager certificate is recommended.

AppWizard

May 12, 2026

Android Apps on Windows 11: Safe Alternatives After WSA

In 2025, Microsoft announced it would discontinue support for the Windows Subsystem for Android (WSA), making Android applications non-functional on Windows 11. This decision surprised many users in Indonesia who relied on these applications. HP developed a guide outlining secure alternatives to WSA, which included reputable Android emulators like BlueStacks, LDPlayer, and NoxPlayer, as well as native Windows alternatives such as Microsoft Teams and Microsoft 365 apps. Users were advised against unverified APK sideloading, unofficial emulators, and modified apps due to security risks. Microsoft’s end of support means no further security updates or bug fixes will be provided, and integration with the Amazon Appstore will cease. Users can continue using WSA apps, but they will be exposed to potential security threats. To migrate data from WSA, users were instructed to inventory apps, research alternatives, and export app data before performing a clean uninstall. Best practices for running Android apps safely on Windows included downloading from official sources and keeping software updated.

AppWizard

May 8, 2026

Android alert: 7 million users downloaded ‘stalking’ apps that were actually scams

Security researchers at ESET uncovered a scam involving 28 applications named "CallPhantom," which collectively amassed over 7.3 million downloads on the Google Play Store. These apps promised access to call histories, SMS records, and WhatsApp call logs for any phone number, raising privacy concerns. They requested intrusive permissions from users' devices, leading to potential privacy violations. Payment structures varied, with some using Google Play's billing system and others circumventing it through third-party methods. ESET reported the apps to Google in December 2025, resulting in their removal from the Play Store. A recent search confirmed that these apps are no longer available.

Winsage

May 7, 2026

Upwind expands runtime protection to Windows Server VMs

Upwind has expanded its runtime protection and visibility offerings to include Windows Server virtual machines (VMs) on major cloud platforms such as Amazon Web Services, Google Cloud, and Microsoft Azure. This integration applies to Windows Server 2016 and later versions and enhances runtime monitoring and detection workflows. Upwind's Windows Sensor provides visibility into host activities, including process executions, network connections, and DNS requests, while also conducting continuous assessments for vulnerabilities and configuration issues. The telemetry collected aids in real-time detection of potential security threats and supports ongoing vulnerability scanning. The integration of Windows Server VMs into Upwind's Runtime Map, Detections, and Sensor components allows for unified monitoring and risk prioritization across cloud environments. This expansion aims to address the critical need for runtime behavior insights in cloud security, particularly for businesses relying on Windows Server for essential applications.