South America

Tech Optimizer
October 17, 2025
The Chinese APT group Jewelbug infiltrated a Russian IT provider undetected for five months. They have increased their activity, targeting Russian entities as well as interests in South America, South Asia, and Taiwan. Jewelbug used a disguised version of the Microsoft Console Debugger (CDB) to bypass security measures and exfiltrate data. They cleared Windows Event Logs to avoid detection and used Yandex Cloud for data exfiltration. Symantec's report indicates that Russian organizations are vulnerable to attacks from Chinese state-sponsored groups.
AppWizard
September 17, 2025
Blue Protocol: Star Resonance was originally launched by Bandai Namco Online but ended in early 2025. Amazon Games attempted to bring it to Western audiences in August 2024, but that effort also failed. Shanghai Bokura Network Technology is now developing a spinoff set in the world of Regnus, with an official launch date approaching after a successful beta test. The game features MMO and anime aesthetics, allowing players to engage in adventures, raids, and dungeons with various classes like Beat Performer and Stormblade. It emphasizes cooperative play, encouraging teamwork to defeat bosses and explore dungeons, contrasting with the gacha mechanics of similar games. Character customization options are extensive, appealing to players who enjoy character creation. The beta attracted over 29,000 players, and over two million have pre-registered for the launch. The game is set to debut on October 9 across North America, Europe, and South America, available on Steam and the Epic Games Store. Players are encouraged to engage with the community on Discord.
Tech Optimizer
September 15, 2025
The global antivirus software market is valued at approximately USD 4.0 to 4.7 billion in 2023 and is projected to grow to around USD 11.0 billion by 2033, reflecting a compound annual growth rate (CAGR) of about 8.5% from 2024 to 2033. The market is driven by increasing cyber threats, the rise of internet and device penetration, and the demand for advanced protection solutions. Key players in the market include NortonLifeLock, McAfee, Kaspersky, Bitdefender, Avast, Trend Micro, ESET, and Sophos. The market can be segmented into cloud-based and on-premises antivirus solutions, and applications include individual consumers, small and medium enterprises, and large enterprises. The report provides insights into regional growth, competitive landscape, and market dynamics, with customization options available for specific requirements.
Winsage
September 5, 2025
A cybercrime group named GhostRedirector has infiltrated at least 65 Windows servers worldwide, using undocumented malware to manipulate Google search rankings for gambling sites. The group's activities began in December, with indications of operation since at least August 2024. They employ two malware variants, Rungan (a C++ backdoor) and Gamshen (an IIS trojan), to execute SEO fraud by altering website responses to Googlebot and creating fake backlinks. Most compromised servers are located in Brazil, Peru, Thailand, Vietnam, and the United States, with a focus on South America and South Asia. The initial breach likely occurred via an SQL injection vulnerability, followed by the use of PowerShell to download privilege escalation tools and malware from a server identified as 868id[.]com. Tools used include EfsPotato and BadPotato, which are signed with a certificate linked to Shenzhen Diyuan Technology. GhostRedirector also utilizes a custom library called Comdai for various backdoor functionalities and another tool named Zunput for gathering information about active websites. Rungan executes backdoor commands, while Gamshen facilitates the SEO manipulation process.
Tech Optimizer
September 3, 2025
Malwarebytes offers a cybersecurity suite called Malwarebytes Ultimate, which includes antivirus protection, VPN services, and identity theft remediation. The pricing starts at .99 per year for a single device, with higher costs for additional devices. The suite provides coverage for Windows, macOS, Android, and iOS. The identity theft protection is powered by TransUnion but lacks the extensive features of competitors like Bitdefender and Norton. Malwarebytes Ultimate includes a VPN with over 60 server locations across 34 countries, though it does not cover regions like Africa or certain countries. The VPN features include an automatic activation option and split tunneling. Malwarebytes has received high scores in independent testing for its antivirus capabilities on Android but did not appear in some recent evaluations. The identity theft protection system allows users to monitor personal information and receive alerts if their data is found on the dark web. Users can also track financial transactions for suspicious activity and access resources for identity and credit protection. Malwarebytes provides a dedicated resolution specialist for identity theft cases and offers a personal data removal service.
AppWizard
August 26, 2025
Spotify has launched an in-app messaging feature that allows one-on-one chats between users, enhancing interaction around shared music and podcasts. To start a conversation, users need to connect through shared content like collaborative playlists or family plans, and chat requests must be approved by the recipient. Users can also send invite links to contacts. The feature includes emoji reactions and ensures messages are encrypted, though not end-to-end encrypted. Users can disable the feature in the Settings menu. It is currently rolling out on mobile devices for users aged 16 and older in select markets in Latin and South America, with plans to expand to other regions soon.
Winsage
August 19, 2025
Microsoft has identified a sophisticated malware called PipeMagic, disguised as a ChatGPT desktop application, linked to the threat actor Storm-2460, who is preparing for ransomware attacks. This malware exploits a zero-day vulnerability (CVE-2025-29824) affecting the Windows Common Log File System Driver (CLFS), first disclosed in April. PipeMagic has targeted sectors such as information technology, financial, and real estate across the U.S., Europe, South America, and the Middle East. It emerged in 2022 during attacks on Asian entities and resurfaced in September 2024. Victims see a blank screen upon opening the malicious application, complicating detection. Hackers modified an open-source ChatGPT project to embed malicious code that activates the malware, allowing privilege escalation and ransomware deployment. Kaspersky reported that PipeMagic was used in a RansomExx ransomware campaign, and Symantec noted its exploitation by the Play ransomware group.
Tech Optimizer
July 24, 2025
The Amazon Aurora PostgreSQL Limitless Database has launched in various regions, including the US West (Northern California), Africa (Cape Town), Asia Pacific (Hyderabad, Jakarta, Melbourne), Canada (Central and West), Europe (London, Milan, Paris, Spain, Zurich), Israel (Tel Aviv), Mexico (Central), the Middle East (Bahrain, UAE), and South America (Sao Paulo). It features a serverless endpoint that distributes data and queries across multiple Amazon Aurora Serverless instances, ensuring transactional consistency and enhancing performance. The database includes distributed query planning and transaction management, dynamically allocates compute resources based on workload fluctuations, and supports PostgreSQL versions 16.6 and 16.8. Users can create an Aurora PostgreSQL Limitless Database via the Amazon RDS console.
Tech Optimizer
June 5, 2025
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the FBI and the Australian Cyber Security Centre, released an advisory on the Play ransomware group, which has targeted around 900 entities since its inception in June 2022. The group employs a double extortion model, exploiting vulnerabilities in public-facing applications and using tools for lateral movement and credential dumping. Their operations involve recompiling ransomware binaries for each attack to evade detection. The advisory highlights mitigation measures such as multifactor authentication and regular software patching. The Play ransomware specifically targets virtual environments and encrypts files using AES-256 encryption. Indicators of Compromise (IoCs) include:
- SVCHost.dll (Backdoor) - SHA-256: 47B7B2DD88959CD7224A5542AE8D5BCE928BFC986BF0D0321532A7515C244A1E
- Backdoor - SHA-256: 75B525B220169F07AECFB3B1991702FBD9A1E170CAF0040D1FCB07C3E819F54A
- PSexesvc.exe (Custom Play “psexesvc”) - SHA-256: 1409E010675BF4A40DB0A845B60DB3AAE5B302834E80ADEEC884AEBC55ECCBF7
- HRsword.exe (Disables endpoint protection) - SHA-256: 0E408AED1ACF902A9F97ABF71CF0DD354024109C5D52A79054C421BE35D93549
- Hi.exe (Associated with ransomware) - SHA-256: 6DE8DD5757F9A3AC5E2AC28E8A77682D7A29BE25C106F785A061DCF582A20DC6