NewApp Digest
search bot

Software

Researchers Use Windows Minifilter Drivers to Detect Ransomware in Real Time
Tech Optimizer
February 10, 2026

Researchers Use Windows Minifilter Drivers to Detect Ransomware in Real Time

A security researcher has developed a proof-of-concept tool called Sanctum, available on GitHub, aimed at combating ransomware within the Windows operating system. Sanctum utilizes a Windows feature known as a "filter driver" to monitor file operations at a strategic chokepoint between applications and the hard drive. It employs two primary callbacks: IRPMJCREATE, which detects rapid file write or delete requests indicative of ransomware activity, and IRPMJSET_INFORMATION, which identifies changes in file metadata, such as renaming with malicious extensions. Upon detecting suspicious activity, Sanctum blocks the action and identifies the source of the threat, logging events for security teams. Future enhancements may include real-time encryption detection and the ability to freeze malicious threads. This kernel-level approach offers greater visibility and speed compared to traditional antivirus solutions.
AKDAN Malware Hunters blocks new malware that are difficult to detect with existing Antivirus with 'AKDAN HALL'
Tech Optimizer
February 10, 2026

AKDAN Malware Hunters blocks new malware that are difficult to detect with existing Antivirus with ‘AKDAN HALL’

AKDAN Malware Hunters has launched the AKDAN HALL PED, a security solution that detects and neutralizes unknown document-based malware in 0.27 seconds, achieving a 99% success rate against emerging threats. This technology uses Pre-Execution Detection (PED) and a virtual "hypnosis" environment to analyze potentially malicious behavior, differing from traditional antivirus software that relies on known threat databases. CEO Sean Jeon, with over 15 years in cybersecurity, emphasizes the need for proactive measures as 91% of cyberattacks start via email, often using document-based malware. The AKDAN HALL product line includes a cloud-based agent for personal use and the AKDAN HALL Mini, a compact server for sensitive environments, both designed to complement existing antivirus solutions. The company has received support from the Initial Startup Package program at Seoul National University of Science and Technology and plans to expand into the Japanese market.
GuLoader Leverages Polymorphic Malware and Trusted Cloud Infrastructure to Evade Detection
Tech Optimizer
February 10, 2026

GuLoader Leverages Polymorphic Malware and Trusted Cloud Infrastructure to Evade Detection

GuLoader, also known as CloudEye, is a downloader malware that has been active since late 2019, primarily used to fetch and install secondary malware like Remote Access Trojans (RATs) and information stealers. It employs legitimate cloud services such as Google Drive and Microsoft OneDrive to host its malicious payloads, allowing it to evade detection by security tools. GuLoader utilizes advanced techniques including polymorphic code, which alters its appearance to avoid static detection signatures, and exception-based control flow to confuse analysis tools. Over the years, GuLoader has refined its tactics, including the use of software breakpoints and various exception types to redirect its operations. It also employs dynamic XOR encryption to obfuscate internal data, making it difficult for analysts to extract URLs. The malware's continuous evolution poses ongoing challenges for security researchers. Indicators of Compromise (IOCs) include specific hash values for different versions of GuLoader from 2022 to 2024.
Why Should Small Businesses Invest In Antivirus Protection?
Tech Optimizer
February 10, 2026

Why Should Small Businesses Invest In Antivirus Protection?

53% of UK businesses experience cybercrime attempts at least once a month, and 70% of business owners anticipate a cyber attack in the near future, yet only 35% feel adequately prepared. 43% of cyberattacks are directed at small businesses, with over half potentially closing due to the damage. Antivirus software is a cost-effective solution that can prevent data breaches, reduce the likelihood of ransomware, and protect devices of remote workers.
Microsoft is keeping Secure Boot alive with Windows updates
Winsage
February 10, 2026

Microsoft is keeping Secure Boot alive with Windows updates

Microsoft is enhancing the security of Windows devices by replacing boot-level security certificates that are nearing expiration, with this initiative integrated into regular Windows platform updates. The original Secure Boot certificates from 2011 will expire between June and October 2026, prompting Microsoft to issue new certificates in 2023, which are included in many new Windows devices sold since 2024. Older hardware will require updates to remain compliant. Devices with expired certificates will continue to operate but will enter a "degraded security state," potentially hindering future updates and causing compatibility issues. The new Secure Boot certificates rollout began with the Windows 11 KB5074109 update. Most Windows 11 users will have the new certificates installed automatically, while specialized systems may have different update protocols. Windows 10 users must enroll in Microsoft’s Extended Security Updates to receive the new certificates.
Your Android phone feeling slow? My 4-step refresh routine works wonders every time
AppWizard
February 10, 2026

Your Android phone feeling slow? My 4-step refresh routine works wonders every time

To enhance the performance of an aging Android device without rooting, follow these steps: 1. Delete unused apps by navigating to Settings > Storage > Apps. 2. Clear additional storage by offloading photos to an external drive or cloud storage and clearing app cache via Settings > Storage > App > Clear Cache. 3. Check for updates by going to Settings > General > System Update and updating apps through the Google Play Store. 4. Adjust animation speed by enabling Developer options (Settings > About phone > Tap on Software information > Tap Build number seven times) and modifying the Window animation scale to 0.5x, along with Transition animation scale and Animator duration scale for improved responsiveness.
Google warns millions of android users as virus spreads via WhatsApp, Instagram, Facebook, YouTube and more Apps; How to stay safe
AppWizard
February 10, 2026

Google warns millions of android users as virus spreads via WhatsApp, Instagram, Facebook, YouTube and more Apps; How to stay safe

Google has issued a warning to Android users about a dangerous malware called Arsink Malware, which is a Remote Access Trojan (RAT) capable of stealing personal information and taking control of infected devices. It spreads through apps that appear legitimate, often masquerading as "Mod" or "Premium" versions of popular applications. Arsink malware typically infiltrates devices via Telegram channels, Discord posts, third-party websites, and suspicious download links. Google has confirmed that no versions of Arsink are available on the Play Store and that devices with Google Play Protect enabled are automatically safeguarded against such threats. Google is also working with researchers to dismantle the infrastructure associated with this malware. To stay safe, users are advised to download apps only from the official Google Play Store, avoid 'Mod' or 'Premium' versions of apps, refrain from clicking on suspicious links, carefully check app permissions, keep Google Play Protect enabled, and regularly update their devices for security patches.
silver Android smartphone
BetaBeacon
February 10, 2026

GameNative gains support for Epic Games Store, giving Android handhelds wider access to PC games

Retrohandhelds has acquired Github to enhance its capabilities in developing innovative gaming solutions by leveraging Github's open-source projects and developer community. This partnership aims to accelerate product development cycles and improve software quality, signaling Retrohandhelds' commitment to modern software development practices and fostering collaboration and innovation within the company.
Your Windows PC has a secretly useful backup tool - here's how to access it
Winsage
February 10, 2026

Your Windows PC has a secretly useful backup tool – here’s how to access it

Windows Backup is a built-in feature in Windows that allows users to back up specific folders and files, as well as create a complete system image. Backups can be directed to various media, including CDs, DVDs, external hard drives, or network locations, and users can schedule backups to run at regular intervals. However, Windows Backup has been deprecated by Microsoft and is no longer supported or updated, which may lead to occasional issues. A newer tool also named Windows Backup exists, designed for backing up and restoring specific files and settings for PC transitions. Users should prepare their storage media, typically external drives with 16GB to 32GB of space, before using the older Windows Backup. Restoration options include returning files to their original location or a different one, depending on the situation. Despite its deprecated status, Windows Backup remains functional and is considered a valuable tool for users seeking a built-in backup solution.
Search