Zip Archives

AppWizard

May 3, 2025

How to spawn Herobrine in Minecraft (with mods)

Herobrine is a character in Minecraft that players can summon using external modifications, as the game does not support his appearance natively. The Lunar Eclipse Studios’ From The Fog Mod is a popular option for the Java version of Minecraft. To install the mod, players must ensure they are using version 1.20.5 (or 1.20.6) of the game, download the datapack, and follow a series of steps to activate it in-game. Once installed, Herobrine will appear within three in-game days. Players can also build traditional Herobrine shrines to expedite his appearance, requiring specific materials: 1. First shrine: - 2 Blocks of Gold - 2 Netherrack 2. Second shrine: - 9 Blocks of Gold - 1 Netherrack - 4 Redstone Torches Players can gather these materials by mining or crafting: - Blocks of Gold are crafted from 9 Gold Ingots, which are obtained from Nether Gold Ore. - Redstone Torches are made from 1 stick and 1 Redstone Dust. Players can also use commands to switch to Creative Mode for easier material acquisition.

Winsage

April 25, 2025

My favorite File Explorer replacement just got better

Files has released an update to version 3.9.7, enhancing its functionality and introducing new customization features. Key improvements include a revamped Release Notes dialog that opens automatically after updates, customizable file size units, automatic encoding detection for ZIP file extraction, and UTF-8 encoding as the default for creating ZIP archives. The app is recognized for introducing features ahead of Windows File Explorer, such as tabs and unique functionalities like diverse view modes, sorting options, and tagging capabilities.

Winsage

April 19, 2025

Windows vulnerability with NTLM hash abuse exploited for phishing

A vulnerability in Windows, identified as CVE-2025-24054, is being exploited in phishing campaigns targeting government and private organizations. Initially considered low-risk, it was addressed in Microsoft's March 2025 Patch Tuesday updates. Following the release of these patches, Check Point observed a rise in exploitation attempts, particularly linked to the Russian group APT28. Attackers sent phishing emails with Dropbox links containing .library-ms files, which, when accessed, connected to an external SMB server controlled by the attackers, allowing interception of NTLM hashes. A subsequent wave of attacks involved .library-ms files sent as direct attachments, requiring minimal user interaction to exploit the vulnerability. The malicious ZIP archive also contained files exploiting older NTLM vulnerabilities. Check Point identified the attackers' SMB servers with specific IP addresses. Despite being classified as medium-severity, the vulnerability's potential impact is significant, prompting organizations to apply the March 2025 updates and consider disabling NTLM authentication if not essential.

Winsage

April 17, 2025

Windows NTLM hash leak flaw exploited in phishing attacks on governments

A vulnerability in Windows, identified as CVE-2025-24054, is being actively exploited in phishing campaigns targeting government and private sectors. Initially addressed in Microsoft's March 2025 Patch Tuesday, it was not considered actively exploited at that time. Researchers from Check Point reported increased exploitation activities shortly after the patches were released, particularly between March 20 and 25, 2025. Some attacks were linked to the Russian state-sponsored group APT28, but definitive attribution is lacking. The vulnerability allows attackers to capture NTLM hashes through phishing emails containing manipulated .library-ms files that trigger the flaw when interacted with. Check Point noted that subsequent attacks involved .library-ms files sent directly, requiring minimal user interaction to exploit. The malicious files also included additional components that exploit older vulnerabilities related to NTLM hash leaks. The attacker-controlled SMB servers were traced to specific IP addresses. Although rated as medium severity, the potential for authentication bypass and privilege escalation makes it a significant concern, prompting recommendations for organizations to install updates and disable NTLM authentication if not necessary.

Winsage

April 17, 2025

Hackers Exploiting NTLM Spoofing Vulnerability in Wild to Compromise Systems

Cybercriminals are exploiting a vulnerability in Windows systems known as CVE-2025-24054, which involves NTLM hash disclosure through spoofing techniques. This flaw allows attackers to leak NTLM hashes, leading to privilege escalation and lateral movement within networks. It is triggered when a user extracts a ZIP archive containing a malicious .library-ms file, causing Windows Explorer to initiate SMB authentication requests that expose NTLMv2-SSP hashes. Exploitation of this vulnerability began shortly after a security patch was released on March 11, 2025, with campaigns targeting government and private institutions in Poland and Romania. These campaigns utilized spear-phishing emails containing malicious ZIP archives, which, when interacted with, leaked NTLM hashes. The malicious files included various types designed to initiate SMB connections to attacker-controlled servers, allowing for pass-the-hash attacks and privilege escalation. The stolen hashes were sent to servers in several countries, indicating potential links to state-sponsored groups. One campaign involved Dropbox links that exploited the vulnerability upon user interaction. Microsoft has recommended immediate patching, enhancing network defenses, user education, network segmentation, and regular security audits to mitigate risks associated with this vulnerability.

Winsage

April 17, 2025

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

CVE-2025-24054 is a vulnerability that allows attackers to capture NTLMv2-SSP hashes from a victim's machine during authentication requests to an attacker-controlled SMB server. Active exploitation of this vulnerability has been observed since March 19, 2025, targeting government and private sectors in Poland and Romania. The attacks involve phishing emails that lead victims to download an archive file containing exploits designed to leak NTLMv2-SSP hashes. Microsoft has released patches for this vulnerability, but users on older, unsupported versions may need to consider micropatching.

Winsage

April 9, 2025

4 reasons I use virtual hard disks in Windows, and you should too

Creating virtual hard disks (VHD or VHDX) in Windows 11 23H2 and later is straightforward through the Settings app. Users can create a VHD by navigating to Settings -> System -> Storage -> Advanced storage settings -> Disks and volumes, where they can choose to create a VHD or Dev Drive. The VHD format supports up to 2040GB, while VHDX supports up to 64TB and offers resilience during power failures. VHDX can be encrypted with BitLocker for password protection. Virtual disks can be shared over a network, enhancing efficiency by eliminating the need for physical media. They are cost-effective compared to physical drives, reducing hardware costs and potential points of failure. The Hyper-V hypervisor provides a versatile platform for these virtual drives, which offer portability, flexibility, ease of sharing, efficient backups, and robust security, though they may have slower performance than SSDs and limited native boot support for Windows.

Winsage

April 6, 2025

5 best dual-pane file managers for Windows power users

The default Windows File Explorer lacks multi-pane support, making file management cumbersome for users who frequently transfer files between folders or manage multiple drives. Dual-pane or multi-pane third-party file managers offer solutions by allowing users to view and manage multiple folders side by side within a single window. Total Commander is a veteran dual-pane file manager with built-in FTP support, fast file transfers, and comprehensive archive handling. Directory Opus is a premium file management solution with a dual-pane layout, tabbed navigation, and features like batch file operations and scripting capabilities. FreeCommander XE is a free dual-pane file manager that offers essential features such as tabbed browsing and folder synchronization. XYplorer is a portable dual-pane file manager designed for speed, featuring tabbed browsing and powerful search functions. Q-Dir, or Quad-Directory Explorer, allows for up to four panes in a single window and supports drag-and-drop functionality and color filters.

Winsage

March 26, 2025

ReactOS 0.4.15 Released With Major Improvements

Version 0.4.15 of ReactOS has been released, marking the first major update since 2020. This version includes extensive modifications to the kernel, user interface, audio systems, and driver support. Key enhancements include upgraded plug-and-play support, improved compatibility with the Microsoft FAT filesystem driver, registry healing, enhanced caching mechanisms, and kernel access checks for better operation within a Windows environment. The user interface features a refined input method editor, enhanced native ZIP archive support, and various graphical improvements. Additionally, since the branching of version 0.4.15, the master branch has seen developments such as SMP enhancements, UEFI support, a new NTFS driver, power management improvements, and enhanced application support. Regular bug fixes have also been implemented.

Winsage

March 26, 2025

An open-source Windows alternative you’ve probably never heard of just got updated

ReactOS 0.4.15 is the largest release to date, focusing on compatibility, bug fixes, and improved system stability. It introduces new features such as registry mechanisms, enhanced security, and improvements to system tools. The release supports 64-bit x86 architecture and includes significant updates to the Plug and Play Manager, audio enhancements, and better memory management. Users can now boot from USB devices and utilize more third-party drivers. The update also features quality-of-life improvements in tools like Notepad and Paint, and a new visual style. Future upgrades are promised, including power management and UEFI support. ReactOS 0.4.15 is available for download, but it remains in alpha status.