tactics

Winsage
July 8, 2026
Microsoft developed Windows 95 with innovative detection mechanisms to prevent external installers from downgrading essential system components. The team used a heuristics-based approach to identify installer files by analyzing their names for keywords like "setup," "installer," or "inst," and also considered variations in other languages. If these keywords were not present, the system would check the file path for "setup." File checks were delayed until the next start to catch improperly modified files, as some setup programs would exit Windows to run batch files. Additionally, live file checks were conducted for multimedia driver installations via INF files, which was a special exception.
Winsage
July 7, 2026
LG monitors are displaying unsolicited advertisements for McAfee, which users find intrusive and frustrating. This issue arose when the LG Monitor App Installer was automatically added to users' PCs, similar to how some motherboard software integrates during Windows reinstallation. Reports indicate that this is not an isolated incident, as other users have experienced the same problem. Additionally, other manufacturers like Alienware and Samsung may be engaging in similar practices, facilitated by a Microsoft policy that allows automatic downloads of related monitor software. This trend raises concerns about user consent and the prevalence of unwanted software installations.
AppWizard
July 3, 2026
GOG is offering the 2004 game Nexus: The Jupiter Incident for free for a limited time of two days and 17 hours. After this promotional period, it will return to its standard price. If claimed during the promotion, it will remain permanently in the user's GOG library as a DRM-free copy. The game was developed by Mithis Entertainment and published by HD Interactive, and it has a Metacritic score of 77, a 4.4 out of 5 stars rating on GOG, and an 86% approval rating on Steam. The intellectual property is currently held by THQ Nordic.
Tech Optimizer
July 3, 2026
Cybercriminals are using a sophisticated method to bypass security measures by embedding malware within the VLC media player. This campaign exploits VLC to install ValleyRAT, a remote access trojan, through phishing emails that contain links to download a seemingly harmless file. Once the file is opened, it activates a hidden backdoor that evades detection by antivirus solutions. The malware has been active since 2023, with a significant increase in activity noted through 2025 and into 2026, particularly targeting Chinese and Japanese-speaking users. The infection process begins when a victim clicks a link in a phishing email, leading to a ZIP archive containing a disguised executable and a malicious DLL (libvlc.dll). The executable mimics a legitimate VLC file, and when executed, it loads the DLL, allowing the malware to run under the guise of VLC. The malware establishes persistence by creating a registry entry and connects to a remote server to retrieve the final payload. ValleyRAT employs evasion tactics to avoid detection, such as performing checks on system behavior and using a fileless approach to inject its payload directly into memory, avoiding storage on disk. Researchers recommend training employees to recognize suspicious filenames and deploying endpoint detection tools to identify DLL sideloading behavior. For organizations affected by this campaign, isolating compromised systems and reviewing security logs are critical initial steps. Indicators of compromise include a malicious email domain, a ZIP archive containing a fake VLC executable, and a download URL for ValleyRAT.
AppWizard
July 3, 2026
The Consumer Competition Claims Foundation (CCC), a Dutch nonprofit organization, has filed a class action claim against Valve, alleging that the company's practices are stifling competition in the PC gaming market and inflating game prices. The CCC claims that Valve enforces price-parity agreements through contracts and peer pressure, preventing game developers from offering lower prices on competing platforms. They argue that Valve's 30% commission on sales restricts studios from setting their own prices, leading to higher costs for consumers. The CCC is also concerned about Valve's requirement for microtransactions to go through the Steam Wallet, which incurs an additional 30% commission, and the practice of region-locking keys. They are seeking €220 million in damages for affected Dutch players. The CCC is currently exploring an amicable resolution with Valve and is encouraging individuals to support their cause by signing up on the GameClaim website. The CCC's claims extend beyond direct Steam purchases, affecting the entire market. The likelihood of a successful lawsuit is uncertain, as the CCC has a mixed track record in previous cases. Valve has faced legal challenges in the past, including a penalty in 2016 for misleading consumer representations, and ongoing lawsuits regarding its market dominance.
Search