verification Archives

Tech Optimizer

June 2, 2025

Streamline code conversion and testing from Microsoft SQL Server and Oracle to PostgreSQL with Amazon Bedrock

Organizations are transitioning from legacy database systems like Microsoft SQL Server and Oracle to open-source alternatives such as PostgreSQL to reduce costs and enhance scalability. This migration process involves several steps, including schema conversion, business logic transformation, data migration, application changes, and performance tuning. Amazon Bedrock aids this process by automating schema and code conversion, data transformation, identifying code compatibility issues, and generating test cases for validation. The migration challenges include adapting database objects to PostgreSQL's syntax, converting stored procedures and functions, executing ETL processes for data accuracy, modifying application code, and optimizing performance. Amazon Bedrock utilizes generative AI to simplify these tasks, significantly reducing manual effort and errors. An example of code conversion from Microsoft SQL Server to PostgreSQL is provided, illustrating how to convert a stored procedure into a PostgreSQL function while generating corresponding test cases. The process involves using the Amazon Bedrock chat interface to submit prompts for conversion and validation. To support the migration, table creation scripts for the Employees and SalaryUpdateLog tables are included, along with test data that covers various employee scenarios. This data allows for comprehensive testing of the converted function, ensuring it correctly applies salary updates based on specified criteria.

AppWizard

May 31, 2025

Google patches an annoying Wear OS authentication bug affecting Wallet

A bug affecting Google Wallet caused repeated authentication prompts for Wear OS users, which has now been patched by Google. Wear OS users can make Wallet payments without needing to authenticate if their smartwatch is unlocked and worn on their wrist. The issue was acknowledged by Google on May 20, and the fix was confirmed in a community post on May 29. The Google Wallet app on Wear OS has been updated to version 25.17, though it is unclear if the patch requires a manual update or was implemented server-side.

Winsage

May 29, 2025

Forced E-Waste PCs And The Case Of Windows 11’s Trusted Platform

The process of upgrading Windows operating systems was straightforward until Windows 11, which introduced a new requirement for a Trusted Platform Module (TPM), potentially rendering many capable PCs obsolete. The TPM is used for boot validation and storing biometric data, but it complicates data recovery and may lock out legitimate users. Users have found ways to bypass Windows 11's TPM and CPU restrictions, allowing installation on unsupported hardware. Microsoft’s enforcement of these requirements remains uncertain, raising concerns about system reliability and user access to updates. Many users are opting to stay on Windows 10 while advocating for continued support from developers.

Tech Optimizer

May 28, 2025

M&S shoppers urged to set up security measure on ‘all accounts’

M&S shoppers are being urged to enhance their online security following a cyber attack that disrupted customer services. The retailer has acknowledged ongoing challenges, stating they cannot process online orders while stores remain open. Sensitive customer information, including phone numbers, email addresses, and order histories, was compromised in the breach. Security expert Luis Corrons from Norton recommends activating two-step verification for online accounts, being cautious about stored personal and payment information, deleting unused accounts, using strong passwords, and keeping devices and software updated to improve security. He emphasizes that cyber threats are increasingly targeting human behavior and that these security measures are essential for digital safety.

AppWizard

May 27, 2025

Google Play’s latest security change may break many Android apps for some power users

Google's Play Integrity API has been updated as of May 2025 to include stricter security measures that verify app integrity on Android devices. The updated API aims to prevent abuse and protect sensitive information but excludes most custom ROMs, making it challenging for users who root their devices. This change means that many applications, particularly in banking, gaming, and medical services, may become inaccessible to rooted users. The new integrity verdicts—“basic,” “device,” and “strong”—now incorporate hardware-backed security signals, with the “strong” verdict requiring recent security patches. Developers will automatically transition to these stronger verdicts, enhancing security without additional effort. As a result, power users may be locked out of essential applications, and workarounds to bypass these restrictions are becoming less effective.

Tech Optimizer

May 26, 2025

This Stealthy Malware Takes Control of Your Computer to Steal Your Data

Skitnet is a new malware that targets personal data by stealthily infiltrating computer systems. It is used by hackers to steal sensitive information through advanced methods, including the insertion of invisible malicious code in emails and the creation of fraudulent websites. Cybersecurity experts from PRODAFT have revealed that Skitnet is often employed by ransomware groups and can remotely control infected computers using services like AnyDesk. The malware operates discreetly, monitoring user actions without detection for extended periods, making it difficult for victims to realize they are infected until after data theft occurs. To protect against such threats, security specialists recommend identifying suspicious emails, using reliable antivirus software, and enhancing account security with two-step verification and strong passwords.

Winsage

May 22, 2025

Windows Server Flaw a Shortcut to Privilege Escalation

An unpatched vulnerability in Windows Server 2025, identified by Akamai researchers, is associated with a method called "BadSuccessor." This flaw, considered "trivial" to exploit and present in the default configuration, allows for privilege escalation and potential full domain compromise. The vulnerability arises from delegated managed service accounts (dMSA), which were intended to enhance security during the migration of legacy service accounts. However, dMSAs can inherit permissions from legacy accounts, enabling attackers to simulate a migration and gain access to the permissions and encryption keys of those accounts without verification. The attack requires prior permissions within an Active Directory organizational unit, indicating a previous breach. Akamai reported the vulnerability to Microsoft on April 1, but Microsoft classified its severity as "moderate." Akamai recommends organizations restrict the creation of dMSAs to mitigate risks associated with this vulnerability.

Tech Optimizer

May 21, 2025

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

Microsoft has monitored Lumma Stealer, an infostealer malware used by financially motivated threat actors. Lumma Stealer, also known as LummaC2, functions as a malware-as-a-service (MaaS) solution that extracts data from browsers and applications, including cryptocurrency wallets. The entity behind Lumma is identified as Storm-2477, which maintains the malware and its command-and-control (C2) infrastructure. Affiliates can create malware binaries and manage C2 communications through a panel provided by Storm-2477. Ransomware groups have integrated Lumma Stealer into their operations. Lumma Stealer employs various delivery techniques, including phishing emails, malvertising, drive-by downloads, Trojanized applications, and abuse of legitimate services. Specific campaigns have been identified, such as one in April 2025 that used EtherHiding and ClickFix techniques to deliver Lumma Stealer via compromised websites. Another campaign on April 7, 2025, targeted Canadian organizations with emails containing invoice lures that led to malicious downloads. The malware is developed using C++ and ASM, employing advanced obfuscation techniques to evade detection. It can extract a wide range of user data, including browser credentials, cryptocurrency wallet information, and user documents. Lumma Stealer maintains a robust C2 infrastructure with multiple hardcoded and fallback C2 servers, utilizing encryption methods to secure communications. Microsoft's Digital Crimes Unit has disrupted Lumma Stealer's infrastructure by blocking approximately 2,300 malicious domains. Recommendations to mitigate the impact of Lumma Stealer include strengthening Microsoft Defender configurations, implementing multifactor authentication, and utilizing phishing-resistant authentication methods. Microsoft Defender products can detect and block activities associated with Lumma Stealer, providing alerts and insights for incident response.

Winsage

May 21, 2025

Active Directory DMSA Attack Detailed By Researchers

The delegated Managed Service Account (dMSA) feature in Windows Server 2025 has a privilege escalation vulnerability that allows attackers to compromise any user in an Active Directory (AD) environment. Research by Yuval Gordon revealed that in 91% of examined environments, users outside the domain admins group had the necessary permissions to exploit this vulnerability. The attack can be executed with benign permissions on any organizational unit (OU) and does not require actual migration of accounts. Gordon's technique, called “BadSuccessor,” enables an attacker controlling a dMSA object to inherit the permissions and keys of any user, including those with high privileges. Microsoft has acknowledged the vulnerability but categorized it as a Moderate severity issue. Akamai recommends limiting the creation of dMSAs and tightening permissions until a patch is released.

Winsage

May 21, 2025

Windows 11 Introduces Enhanced Administrator Protection to Strengthen Security Against Elevated Privilege Attacks

Microsoft has launched Administrator Protection for Windows 11, a feature designed to enhance cybersecurity by preventing privilege escalation attacks. This feature creates a security boundary around administrative operations, reducing the attack surface for cybercriminals. It introduces a hidden, system-managed local user account that generates isolated admin tokens, preventing user-level malware from compromising elevated processes. Administrator Protection eliminates auto-elevation functionality, requiring users to explicitly authorize administrative actions. It utilizes a System Managed Administrator Account (SMAA) that generates non-persistent admin tokens for specific tasks, which are discarded after use. The feature is currently available to Windows Insiders in the Canary channel and will expand to the Dev channel, with broader deployment expected in the 24H2 release. Compatibility challenges may arise in complex development environments, such as with Visual Studio.