vulnerability

Winsage
August 28, 2025
Windows 10 support will end in October, leaving users vulnerable to cyber threats, and many older laptops may not meet the requirements for upgrading to Windows 11, prompting the need for new laptops. Zorin OS, created by the Zorin brothers, is a user-friendly Linux-based operating system that has garnered over 10 million downloads and is preparing for its 18th release. The Zorin brothers emphasize their commitment to user feedback and community collaboration, contrasting their approach with that of major tech companies. The "End of 10" campaign promotes Linux as a viable alternative to costly Windows upgrades, encouraging users to retain existing hardware while adopting new software for cost savings and enhanced privacy. Zorin OS is noted for its intuitive interface and compatibility with popular applications accessible via web browsers, making it a practical choice for users seeking to maintain security and performance on older laptops.
AppWizard
August 28, 2025
Activision has reintroduced Call of Duty: World War II to the Microsoft Store and Xbox PC App after its removal on July 4 due to an undisclosed issue. The game is now available for PC Game Pass players. Speculation suggests the withdrawal was related to Remote Code Execution attacks affecting player security. The issues were limited to the PC version, while the Xbox edition remained available. Call of Duty: WWII is developed by Sledgehammer Games and features a campaign with realistic gameplay elements, including no automatic health regeneration. The next installment, Black Ops 7, is forthcoming, and Activision recently canceled the Carry Forward program that would have allowed content transfer from Black Ops 6.
AppWizard
August 26, 2025
Russia has mandated that all new smartphones and tablets sold within its borders come pre-installed with a messaging application called Max, developed by VK. Security experts have raised concerns about Max's functionality, describing it as a potential privacy risk due to its "excessive tracking" of user activities. The app lacks cryptography and is considered insecure by design, serving the purpose of surveillance. Max, which launched in March, is available to users with Russian and Belarusian phone numbers and features an AI chatbot, GigaChat 2.0, as well as functionalities for travel bookings and bank transfers. It requests permissions to access standard device features like the camera and microphone and is largely based on the earlier messaging service TamTam. Starting September 1, Max must be pre-installed on all mobile devices sold in Russia, alongside the domestic app store RuStore on Apple devices. Additionally, the government plans to enforce the installation of Lime HD TV on all smart televisions beginning January 1 of the following year.
AppWizard
August 25, 2025
Security experts at Doctor Web have identified a sophisticated Android spyware campaign targeting Russian business leaders, utilizing malware named Android.Backdoor.916. First detected in January 2025, this malware is distributed through APK files disguised as security applications, particularly under the name GuardCB, which mimics the emblem of the Central Bank of the Russian Federation. Other variants include “SECURITY_FSB” and “FSB,” and the app interface is exclusively in Russian. The malware is disseminated via private messages on popular messaging platforms, avoiding official app stores. Upon installation, it simulates device scans and generates fictitious threat reports while activating extensive spyware modules that request permissions for geolocation, camera and microphone usage, SMS and contact access, call logs, and background operation. It can transmit SMS messages, upload contact lists, forward call history and location data, and exfiltrate media. It also enables real-time audio streaming, video capture, and screen activity monitoring, using Accessibility Service to maintain a keylogger for intercepting sensitive content from various applications. Control over the malware is maintained through a modular system that reconnects to the command server every minute, with fallback connectivity options to multiple hosting providers. The malware is designed for targeted cyber-espionage rather than mass infections, focusing on corporate executives and business figures. Doctor Web's antivirus solutions for Android can detect and eliminate known variants of this backdoor, highlighting the vulnerability of high-value individuals to mobile spyware disguised as legitimate applications. Experts recommend enhancing mobile security policies and educating high-risk employees about social engineering tactics.
AppWizard
August 24, 2025
A study by Arizona State University and Citizen Lab found that three families of Android VPN apps, with over 700 million downloads, have significant security vulnerabilities. Apple has released a fix for a zero-day vulnerability (CVE-2025-43300) that was being exploited in targeted attacks. Researchers from the University of Melbourne and Imperial College London developed a method using lightweight large language models to improve incident response planning. The FBI and Cisco warned about a Russian threat group exploiting an old Cisco vulnerability (CVE-2018-0171) to compromise critical infrastructure. Fog Security researchers discovered a flaw in AWS’s Trusted Advisor tool that could mislead users about the security of their data. AI is now being used in security operations centers to reduce alert noise and assist analysts. U.S. federal prosecutors charged an individual linked to the Rapper Bot DDoS botnet. Nikoloz Kokhreidze discussed the strategic choice between hiring a fractional or full-time Chief Information Security Officer for B2B companies. Commvault patched four vulnerabilities that risked remote code execution. Jacob Ideskog highlighted security risks posed by AI agents. VX Underground released an exploit for two SAP Netweaver vulnerabilities (CVE-2025-31324, CVE-2025-42999). Healthcare organizations are preparing for new password security risks in 2025 that may threaten HIPAA compliance. Researchers identified a spear-phishing campaign using the Noodlophile infostealer. Financial institutions are increasingly using open-source intelligence tools to combat money laundering. Greg Bak discussed security risks for DevOps teams in the cloud. NIST released guidelines for detecting morph attacks. Organizations face six challenges in implementing machine learning and AI security. Recep Ozdag discussed vulnerabilities in airport and airline systems. Google introduced new AI and cloud security capabilities at the Cloud Security Summit 2025. 
Cybersecurity myths continue to complicate the security landscape. LudusHound is an open-source tool that replicates an Active Directory environment for testing. Buttercup is an AI-powered platform for automated vulnerability management in open-source software. The book "Data Engineering for Cybersecurity" addresses challenges in managing logs and telemetry data. A selection of current cybersecurity job openings has been compiled. A forthcoming webinar will discuss AI and SaaS security risks. The iStorage datAshur PRO+C is a USB-C flash drive with AES-XTS 256-bit hardware encryption. New infosec products were released by companies such as Doppel, Druva, LastPass, and StackHawk.
Winsage
August 23, 2025
Microsoft has issued an advisory warning Windows and macOS users about a wave of attacks known as ClickFix, which targets enterprise and end-user devices globally. ClickFix is a sophisticated social engineering tactic that deceives users into executing malicious scripts on their devices, leading to malware installation, information theft, and potential ransomware attacks. The attacks often begin with deceptive technical support popups or fake Captchas that instruct users to run commands in systems like Windows PowerShell. ClickFix relies on human intervention, allowing it to bypass traditional security measures. Microsoft emphasizes the importance of user education to recognize these threats and reduce vulnerability, as well as implementing policies to strengthen device configurations.
Tech Optimizer
August 21, 2025
Quick Heal Technologies was founded by brothers Kailash and Sanjay Katkar in Pune, focusing on antivirus solutions to combat rising computer viruses. It became India's first homegrown antivirus and is now a globally recognized company. Despite India's digital economy expanding, only 7% of organizations are mature in cybersecurity readiness, facing challenges such as a skills deficit, fragmented security implementations, and a disconnect between executive priorities and security realities. India needs over 800,000 cybersecurity professionals, and educational institutions must integrate practical threat scenarios into their curricula. The "Make in India" movement is fostering indigenous cybersecurity solutions that address local threats while being globally relevant. Quick Heal utilizes AI to enhance threat detection and response, analyzing vast amounts of data while emphasizing the irreplaceable role of human expertise in strategic decision-making. Emerging threats include AI-powered social engineering, supply chain attacks, and cloud misconfigurations. Organizations should adopt Zero Trust architectures, invest in continuous security training, and utilize integrated threat intelligence. Quick Heal's leadership emphasizes solving real problems for customers and encourages young engineers to gain practical experience in cybersecurity. Recommended strategies for CISOs include aligning security investments with business priorities, embracing automation, and establishing integrated threat intelligence for effective risk management.
Winsage
August 20, 2025
Microsoft will stop providing security updates for Windows 10 on October 14, 2025. The final monthly security update will be released on that date, coinciding with the end of support for Windows 10, version 22H2. Users will no longer receive security patches, bug fixes, or feature updates after this date. Approximately 42.99% of all PCs currently run Windows 10, which translates to millions of unsupported devices. Users have several options: upgrade to Windows 11 for free if their device meets the requirements, purchase a new PC with Windows 11, pay for an Extended Security Update (ESU) subscription for additional security updates, utilize OneDrive for free additional security updates, or switch to a different operating system like Linux or ChromeOS.