unauthorized access Archives

Winsage

May 1, 2025

Microsoft RDP apparently lets you log in with expired passwords – and it apparently doesn’t have plans to fix the issue

Security researcher Daniel Wade has revealed that Microsoft’s Remote Desktop Protocol (RDP) allows users to log into systems using previously revoked passwords, raising concerns about user security. Wade highlights that this feature undermines the trust users place in password management, as changing passwords is expected to prevent unauthorized access. This issue affects a wide range of users, from individuals to employees in small businesses and hybrid work environments. Despite the increasing sophistication of cyberattacks on password managers, Microsoft has stated it will not change this RDP functionality.

Winsage

April 30, 2025

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.

The ability to use a revoked password for Remote Desktop Protocol (RDP) access on Windows machines linked to Microsoft or Azure accounts allows users to log in with either a dedicated password or the credentials from their online account. Even after changing the account password, the old password remains valid for RDP logins indefinitely, and in some cases, multiple previous passwords may still grant access. This behavior poses significant security risks, especially if the account has been compromised, as changing the password does not block access via RDP with the old password. The issue arises from credential caching on the local machine, where the initial login credentials are stored securely, allowing continued access without online verification.

Tech Optimizer

April 26, 2025

How to disable the PC webcam and protect it from unauthorized access

The webcam is a crucial tool for remote communication but poses privacy risks, particularly through a threat known as CamFecting, where unauthorized access can occur via malware, malicious websites, or system vulnerabilities. Preventive measures include using antivirus software, disabling the webcam when not in use, and physically covering the camera with privacy caps or tape. Signs of unauthorized access include unexpected illumination of the webcam light, unusual camera behavior, unknown files on the system, abnormal data consumption, and decreased battery life. To deactivate the webcam, users can adjust settings in major browsers and operating systems. Maintaining digital hygiene, such as regularly updating software, using security systems like firewalls and VPNs, and being cautious of phishing attempts, is essential to minimize risks.

AppWizard

April 25, 2025

12 Android apps secretly recorded your conversations

Recent findings from cybersecurity experts at ESET revealed that several Android applications, disguised as harmless tools, have been secretly recording conversations and stealing sensitive data. These malicious apps infiltrated devices through the Google Play Store and third-party platforms, compromising the privacy of thousands of users. One tactic used by cybercriminals involved romantic deception, where victims were coaxed into downloading a seemingly harmless messaging app containing the VajraSpy Trojan, which activated upon installation to record conversations and harvest personal data. The identified malicious apps fall into three categories: 1. Standard Messaging Apps with Hidden Trojans: These apps, including Hello Chat, MeetMe, and Chit Chat, request access to personal data and operate silently in the background, stealing contacts, SMS messages, call logs, device location, and installed app lists. 2. Apps Exploiting Accessibility Features: Apps like Wave Chat exploit Android’s accessibility features to intercept communications from secure platforms, record phone calls, keystrokes, and ambient sounds. 3. Single Non-Messaging App: Nidus, a news app, requests a phone number for sign-in and collects contacts and files, increasing the risk of data theft. The 12 malicious Android apps identified include: Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, Chit Chat, YohooTalk, TikTalk, Hello Chat, Nidus, GlowChat, and Wave Chat. The first six apps were available on the Google Play Store and had over 1,400 downloads before removal. Users are advised to uninstall these apps immediately to protect their personal data.

Winsage

April 23, 2025

Critical Flaw in Windows Update Stack Enables Code Execution and Privilege Escalation

A newly identified vulnerability in the Windows Update Stack, designated as CVE-2025-21204, allows attackers to execute arbitrary code and escalate privileges to SYSTEM level on affected machines. This critical security flaw arises from improper privilege separation and inadequate validation during the update orchestration process. Attackers can exploit it by creating harmful update packages or acting as man-in-the-middle on compromised networks. The vulnerability impacts any Windows system utilizing the vulnerable update mechanism, affecting both enterprise and consumer editions. Microsoft is working on a patch, and users are advised to monitor official channels for updates and apply patches promptly. Organizations should also restrict network access to update servers and monitor for suspicious update activities. The CVSS score for this vulnerability is 7.8 (High), indicating significant risk.

Winsage

April 22, 2025

More Americans are on Windows 11 than Windows 10: the older OS is getting abandoned en masse

Microsoft will officially cease support for Windows 10 on October 14, compelling users to transition to Windows 11, which has more demanding hardware requirements. Users with older systems may struggle to meet these requirements, and Microsoft will not guarantee updates for installations on unsupported hardware. Windows 10 will continue to receive support until October 2025, after which paid updates will be available. The Trusted Platform Module (TPM) is emphasized in Windows 11 for enhanced security, providing encryption and verifying software integrity. Recent statistics show that Windows 11 has surpassed Windows 10 in market share in the U.S., with 54% of users on Windows 11 compared to 44% on Windows 10. However, Windows 10 still holds a 55% market share in Europe and over 60% in Asia.

Winsage

April 20, 2025

Microsoft’s Free Upgrade Offer—Bad News For 240 Million Windows Users

Microsoft is encouraging approximately 240 million PC owners to recycle outdated devices, as they will not qualify for a free upgrade to Windows 11 without new hardware. The company emphasizes the importance of the Trusted Platform Module (TPM) 2.0, a security chip that determines eligibility for the upgrade and protects sensitive data. TPM 2.0 offers several security benefits, including data encryption, verification of trusted software, detection of physical tampering, and support for advanced security features in Windows 11. Currently, around 240 million PCs are estimated to be ineligible for the upgrade, which may hinder the adoption of Windows 11 and leave many devices vulnerable to cyber threats.

AppWizard

April 18, 2025

Perplexity’s Android App Is Infested With Security Flaws, Report Finds

Perplexity has launched a promotional campaign called “Ask like a millionaire,” offering a million-dollar prize to users who download its app, refer friends, and engage with it during the Super Bowl. However, the Android app is facing scrutiny due to significant security vulnerabilities, including issues that could lead to data theft and account takeovers. A report from Appknox reveals that the app's API can be accessed without restriction, and the code contains hardcoded secrets, making it easy for attackers to create counterfeit versions of the app. The app is also vulnerable to task hijacking, which could allow unauthorized access to sensitive data. Perplexity, founded in 2022, has raised 0 million in venture capital and has over 10 million downloads. The company is exploring partnerships with smartphone manufacturers and has faced criticism for alleged copyright infringement. Security experts advise users to consider removing the app until the issues are resolved.

Tech Optimizer

April 17, 2025

Bitdefender Antivirus review

Bitdefender Total Security offers comprehensive antivirus protection, a VPN with a daily limit of 200 MB, and specific protections for cryptocurrency mining. The software includes multi-layered antivirus protection, real-time Advanced Threat Detection, Ransomware Remediation, a firewall, and an anti-spam feature. Performance testing shows minimal impact on speed, with quick scans completing in minutes and full scans taking about 30 minutes. Additional features include a secure browser for financial transactions, a virtual keyboard, a trial password manager, webcam and microphone privacy controls, and PC optimization tools. The user interface is designed for ease of use, with a customizable dashboard and intuitive navigation. Support options include phone, chat, and email, with quick transitions to live agents. Bitdefender typically retails at .99 annually, with competitors offering lower introductory prices.

AppWizard

April 16, 2025

How to remove a work profile from an Android device

A work profile on Android devices helps users separate personal and professional data, allowing IT administrators to manage corporate data remotely without affecting personal information. When an Android device is enrolled in an organization's Mobile Device Management (MDM) platform, a work profile is created, enabling IT to control data usage, notifications, applications, and security. Upon an employee's departure, the work profile is typically removed to protect corporate data, while personal data remains intact. Users can remove the work profile through the device's Settings or the MDM application. IT administrators can also delete a work profile via the MDM system to safeguard corporate information without wiping the entire device. Troubleshooting steps are available if difficulties arise during the removal process.