sensitive information Archives

Tech Optimizer

March 30, 2026

Fake Cloudflare CAPTCHA Pages Spread Infiniti Stealer On macOS

Security researchers have identified a new macOS information stealer called Infiniti Stealer, which extracts sensitive information from Mac users using a social engineering tactic known as ClickFix. This method involves a counterfeit Cloudflare human verification page that prompts users to enter a command in their Mac Terminal, allowing the malware to bypass security measures. The infection process consists of three stages: 1. A Bash dropper script downloads and decodes a hidden payload. 2. A Nuitka loader, designed for Apple Silicon Macs, complicates detection by compiling Python code into a native application. 3. The final payload, Infiniti Stealer, harvests personal data such as browser passwords, macOS Keychain entries, cryptocurrency wallets, and captures screenshots. Indicators of Compromise (IOCs) associated with Infiniti Stealer include: - MD5 Dropper: da73e42d1f9746065f061a6e85e28f0c - SHA256 Stage-3: 1e63be724bf651bb17bcf181d11bacfabef6a6360dcdfda945d6389e80f2b958 - C2 Domain: update-check[.]com - C2 URL: https://update-check[.]com/m/7d8df27d95d9 - Panel: Infiniti-stealer[.]com - Packer Magic: 4b 41 59 28 b5 2f fd (KAY + zstd) - Debug Log: /tmp/.bs_debug.log

Winsage

March 30, 2026

Microsoft’s March Security Update of High-Risk Vulnerability Notice for Multiple Products

On March 11, NSFOCUS CERT reported the release of Microsoft’s March Security Update, addressing 83 security vulnerabilities in products like Windows, Microsoft Office, Microsoft SQL Server, and Azure. The update includes eight critical vulnerabilities and 75 important ones, with risks such as privilege escalation and remote code execution. Key vulnerabilities include: - CVE-2026-26110: Microsoft Office Remote Code Execution Vulnerability (CVSS score: 8.4) - CVE-2026-26113: Microsoft Office Remote Code Execution Vulnerability (CVSS score: 8.4) - CVE-2026-26144: Microsoft Excel Information Disclosure Vulnerability (CVSS score: 7.5) - CVE-2026-23669: Windows Print Spooler Remote Code Execution Vulnerability (CVSS score: 8.8) - CVE-2026-24294: Windows SMB Server Privilege Escalation Vulnerability (CVSS score: 7.8) - CVE-2026-23668: Windows Graphics Component Privilege Escalation Vulnerability (CVSS score: 7.0) Affected product versions include various editions of Microsoft Office, Windows Server 2012 R2, Windows Server 2016, Windows 10, and Windows 11. Microsoft has released security patches for these vulnerabilities, and users are encouraged to install them promptly.

Tech Optimizer

March 28, 2026

Don’t miss out: Bitdefender, One of the World’s Best Antiviruses, Is Now on Sale

Bitdefender is known for its effective early threat detection and elimination, reflected in high scores from independent lab evaluations. The current deal offers the complete all-in-one security suite at a competitive price, allowing users to upgrade from standard protection. Bitdefender operates in the background, providing real-time scanning of files, links, and downloads for safe browsing. The suite includes virus detection, web protection, ransomware defenses, a built-in VPN, a password manager, and anti-tracking capabilities. It offers proactive protection, such as scanning downloads on public Wi-Fi to prevent security risks. Bitdefender is resource-efficient, allowing users to run it without significant impact on system performance. The current sale makes it easier to justify moving from free tools to a comprehensive solution, especially given the sensitivity of information stored on devices.

Tech Optimizer

March 26, 2026

Protect your devices from AI scams, malware, and identity theft for under $30 — Norton 360 Premium is ‘the antivirus deal to go for’ in Amazon’s Big Spring Sale

The Norton 360 Premium 2026 one-year pre-paid subscription is available for a reduced price of .99 on Amazon, down from .99. It provides security for up to 10 devices and includes features such as AI-powered scam protection, a VPN for secure internet connections, Dark Web Monitoring for personal information, real-time threat detection, and cloud backup support for up to 75GB. The subscription offers automatic renewal with the option to cancel anytime before renewal.

AppWizard

March 26, 2026

Phishing Campaign Targeting Messaging Apps’ Users

A phishing campaign targeting users of messaging applications has been reported by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI). This campaign exploits human behavior rather than software vulnerabilities, leading to the compromise of thousands of accounts worldwide, despite encryption. Attackers impersonate official support accounts and use social engineering tactics to prompt users to click on malicious links, request verification codes, or suggest account recovery actions. If users comply, attackers can take control of their accounts and may deploy malware. Platforms like Signal have been specifically targeted, but the tactics can apply to various messaging applications. Recommendations for users include being cautious with suspicious messages, avoiding unknown requests, carefully checking links, monitoring group chats for fake accounts, using built-in security features, and reporting incidents promptly.

AppWizard

March 25, 2026

Alert warns of cyber actors using Telegram messaging app to push malware

The FBI issued an alert on March 20 about a sophisticated cyber technique linked to the Iranian government, using the Telegram app to distribute malware globally. This has led to data breaches and reputational damage for many victims. The FBI provided recommendations for organizations and individuals to enhance cybersecurity, including staying informed about cyber threats, implementing security protocols, and educating employees on suspicious communications. Contacts for further insights at the AHA include John Riggi and Scott Gee, with resources available at aha.org/cybersecurity.

AppWizard

March 25, 2026

FBI warns of Russian, Iranian cyber activity involving messaging platforms

The FBI issued alerts regarding cyber campaigns by Russian and Iranian actors targeting messaging platforms. Russian intelligence services are reportedly infiltrating applications like Signal, leading to unauthorized access of thousands of accounts of U.S. government officials, military personnel, political figures, and journalists. Russian operatives are using phishing messages disguised as support notifications to trick users into providing verification codes or account PINs, potentially allowing attackers to take over accounts. Once compromised, attackers can access messages, contact lists, and launch further phishing attempts. The advisory emphasizes that while Signal is targeted, similar tactics can affect any messaging app. In a separate alert, the FBI highlighted Iran’s Ministry of Intelligence and Security (MOIS) using Telegram to distribute malware aimed at Iranian dissidents and journalists, enabling them to steal sensitive information. This malware often disguises itself as legitimate software and connects to Telegram bots for remote access and data exfiltration. The FBI linked these activities to the Handala Hack group, which claimed responsibility for a recent attack on medical device manufacturer Stryker. The malware can be introduced through social media by hackers posing as technical support. Experts note that the use of Telegram for cyber compromises is increasing, as it helps malicious actors avoid detection by blending their traffic with trusted platforms.

Tech Optimizer

March 24, 2026

This tax-themed malvertising attack can blind security software before it arrives — and then unleashes ransomware

Cybercriminals are targeting taxpayers with phishing schemes and malware attacks as the April 15 tax deadline approaches. They create fake tax form websites that appear in Google Ads, leading users to download malicious software like ScreenConnect, which can disable device security. These tactics aim to steal sensitive information and potentially facilitate ransomware attacks. Counterfeit Chrome updates are also being used in similar schemes. Taxpayers are advised to verify the authenticity of websites and rely on trusted sources to protect their personal information.

Winsage

March 24, 2026

A closer look at the Windows 11 features businesses rely on most

Windows 11 is a foundational platform for businesses, offering integrated productivity tools and compatibility with Microsoft 365, which enhances cybersecurity and IT management. Key security features include the requirement for TPM 2.0, Windows Hello for Business for secure sign-ins, and BitLocker device encryption enabled by default. The integration of Microsoft 365 Copilot allows AI-driven assistance for document creation and data analysis, streamlining workflows across applications like Word, Excel, Outlook, and Teams. IT management is simplified with tools like Windows Autopilot for zero-touch provisioning and Microsoft Intune for remote device management. Windows 11 also improves performance with features like adaptive energy saver mode and Fast Startup, while plans to enhance user experience include reintroducing the ability to move and resize the Taskbar.

Winsage

March 24, 2026

My 5-step security checklist for every new Windows PC

Windows 11 Pro, Enterprise, and Education editions include BitLocker, a tool that encrypts the system drive to protect against unauthorized access. BitLocker requires a 48-digit recovery key for access if the device is compromised. A Trusted Platform Module (TPM) chip is necessary for BitLocker to function, which is standard in most computers made in the last eight to nine years. To enable BitLocker, users must open File Explorer, right-click the system drive, select "Turn on BitLocker," back up the recovery key, choose the encryption portion, and run a system check to start the encryption process.