We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

webinar

Vietnam to Block Messaging App Telegram
AppWizard
May 24, 2025

Vietnam to Block Messaging App Telegram

Morgan Williams, the Product Director at B2Core, discussed the company's Introducing Broker (IB) module in a webinar, highlighting its features such as efficient trader onboarding, automated commission tracking, and powerful growth tools for brokers. He addressed challenges brokers face when scaling their IB networks and presented a case study demonstrating the impact of B2Core's solutions.
Modernizing Public Sector IT with PostgreSQL
Tech Optimizer
May 20, 2025

Modernizing Public Sector IT with PostgreSQL

On June 24, 2025, a webinar will discuss how PostgreSQL can help government agencies modernize their IT infrastructures while maintaining security and managing costs. The session will cover PostgreSQL's capabilities in addressing legacy system migration, regulatory compliance, and its certifications like FedRAMP and DISA STIG that ensure it meets federal security standards. Gianni Cioli, a PostgreSQL consultant with over 15 years of experience, will be the speaker.
silver Android smartphone
Winsage
May 19, 2025

Windows Remote Desktop Gateway UAF Vulnerability Allows Remote Code Execution

A critical vulnerability, designated as CVE-2025-21297, has been identified in Microsoft’s Remote Desktop Gateway (RD Gateway) due to a use-after-free (UAF) bug linked to concurrent socket connections during the service's initialization. This flaw, located in the aaedge.dll library within the CTsgMsgServer::GetCTsgMsgServerInstance function, allows multiple threads to overwrite a global pointer, leading to potential arbitrary code execution. The vulnerability affects multiple versions of Windows Server, including 2016, 2019, 2022, and 2025. Microsoft released security updates in May 2025 to address the issue, implementing mutex-based synchronization. The updates are KB5050011 for Windows Server 2016, KB5050008 for Windows Server 2019, KB5049983 for Windows Server 2022, and KB5050009 for Windows Server 2025. Security experts recommend applying these patches promptly and monitoring RD Gateway logs for unusual activity.
Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network
Winsage
May 14, 2025

Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network

Microsoft has identified a memory corruption vulnerability in its Scripting Engine, designated as CVE-2025-30397. This vulnerability allows unauthorized remote code execution and is classified as “Important” under CWE-843 (Type Confusion). It was disclosed in the May 2025 Patch Tuesday updates and arises from improper handling of resource types. Exploitation occurs when a user clicks a specially crafted URL in Microsoft Edge's Internet Explorer Mode, potentially compromising system confidentiality, integrity, and availability. Although the attack complexity is high, successful exploitation has been confirmed in the wild. Microsoft has issued patches for all supported Windows versions, and users are advised to apply these updates and consider disabling Internet Explorer Mode to reduce risk.
Windows DWM 0-Day Vulnerability Allows Attackers to Escalate Privileges
Winsage
May 14, 2025

Windows DWM 0-Day Vulnerability Allows Attackers to Escalate Privileges

Microsoft has addressed a zero-day vulnerability in the Windows Desktop Window Manager (DWM) Core Library, identified as CVE-2025-30400, which allows attackers to gain SYSTEM-level privileges on affected systems. This "Elevation of Privilege" vulnerability, arising from a "use-after-free" memory corruption issue, was actively exploited prior to the release of a patch on May 13, 2025. The vulnerability permits an authorized attacker to execute code with SYSTEM privileges by exploiting improper memory management within the DWM process. Microsoft classified the severity of this vulnerability as "Important" and assigned it a CVSS score of 7.8. Users and administrators are strongly advised to apply the latest updates to mitigate the risk of exploitation.
Free webinar offers education on antivirus software and scams
Tech Optimizer
April 23, 2025

Free webinar offers education on antivirus software and scams

AARP is hosting a financial security event on Wednesday afternoon from 1 to 2 p.m. to educate individuals on safeguarding their devices against digital threats. The webinar will cover antivirus software and malware, and is part of a series of financial security workshops. The Fraud Watch Network will provide insights on malware and strategies to eliminate viruses. Registration for the webinar is open.
Windows Defender Antivirus Bypassed Using Direct Syscalls & XOR Encryption
Tech Optimizer
April 11, 2025

Windows Defender Antivirus Bypassed Using Direct Syscalls & XOR Encryption

A recent study has revealed a method that bypasses Microsoft’s Windows Defender antivirus by using direct system calls and XOR encryption techniques, exposing vulnerabilities in the security solution. The technique targets the user mode and kernel mode operations of Windows, allowing attackers to execute harmful code without detection. Researchers demonstrated that by directly invoking syscall instructions, they could evade security monitoring that typically occurs at the user mode level. They utilized XOR encryption to obfuscate malicious shellcodes, making them unrecognizable and undetectable by signature-based systems. Tests showed that a Meterpreter reverse shell payload, encrypted with XOR and executed via direct syscalls, successfully bypassed Windows Defender protections without leaving traces on the disk. This method has been effective since at least 2022 and continues to work against recent updates of Windows Defender. The researchers recommend that Microsoft enhance defenses with kernel-level monitoring of syscalls and advise organizations to implement additional security measures beyond Windows Defender.
Windows Common Log File System 0-Day Vulnerability Exploited in the Wild
Winsage
April 9, 2025

Windows Common Log File System 0-Day Vulnerability Exploited in the Wild

A critical zero-day vulnerability in the Windows Common Log File System (CLFS) driver, identified as CVE-2025-29824, is actively exploited, allowing attackers to elevate privileges to SYSTEM level and compromise system integrity. This flaw arises from a use-after-free issue within the CLFS driver, enabling local attackers to execute malicious code. Microsoft is aware of the exploitation and is working on a security update, but no immediate patch is available. The vulnerability affects multiple versions of Windows 10, including x64-based and 32-bit systems, and can lead to privilege escalation, data breaches, operational disruption, and malware deployment. Microsoft has classified this vulnerability as "Important" and urges organizations to apply patches promptly once available.
Exclusive Liquid Web Webinar: Learn to Resell Minecraft Servers & Claim 4 Free Months of Hosting
AppWizard
March 19, 2025

Exclusive Liquid Web Webinar: Learn to Resell Minecraft Servers & Claim 4 Free Months of Hosting

26% of players are willing to invest more for superior server hosting in the gaming sector. Liquid Web is hosting a free webinar on March 27th at 2 PM EST titled "How to Start Selling Minecraft Servers," aimed at helping gaming enthusiasts turn their passion into a business. The Minecraft community has over 173 million active players, with one in four willing to invest in enhanced hosting tools to improve performance. Pre-registered attendees will receive four complimentary months of bare metal hosting with an annual plan. The webinar will cover the business opportunity, market potential, technical requirements, reseller process, pricing strategies, and include a Q&A session with experts.
TSforge - A New Tool Exploits Every Version of Windows Activation
Winsage
February 25, 2025

TSforge – A New Tool Exploits Every Version of Windows Activation

Security researchers from MASSGRAVE have developed TSforge, a tool that exploits vulnerabilities in Microsoft’s Software Protection Platform (SPP) to activate all Windows versions from Windows 7 onward, as well as various Office suites. This marks the first successful attack on SPP’s cryptographic defenses since its introduction in Windows Vista. The exploit involves manipulating encrypted “trusted stores” used by SPP to validate software activation. Researchers reverse-engineered SPP’s private key infrastructure, using leaked Windows 8 beta builds, to forge activation data and deceive SPP into accepting permanent licenses. The process includes extracting SPP’s RSA private key, simulating ExecCodes to derive the private exponent, and decrypting the AES key that protects activation data. TSforge can inject zeroed hardware ID hashes, precomputed product key blobs, and timestamped license metadata with validity windows of over 4000 years. The tool is compatible with different Windows versions, affecting both Windows 7 and Windows 10. Microsoft has not commented on the exploit, but enterprise clients using KMS should check their activation logs for spoofed status codes. Although TSforge is not publicly available, it reveals significant vulnerabilities in SPP’s security model, which may impact enterprise licensing strategies as the end-of-life for Windows 10 approaches in 2025.
Search