Latest news with #WindowsDefender


Time of India
13-05-2025
- Time of India
Signs your laptop might be bugged. And how to fight back
Ever get the feeling that your laptop's watching you… a little too closely? Maybe your battery's draining faster than usual, your fan's running loud even when nothing's open, or your cursor moves when you're not even touching it. Sounds dramatic — but it could be more than just a glitch.

Monitoring software — aka spyware, keyloggers, remote access tools — is designed to stay invisible while silently tracking what you do. If that freaks you out a little, good. Because today, we're diving into the signs that someone might've installed monitoring software on your laptop — and how to spot it before it's too late.

First: Is Your Laptop Acting Off?

One of the first signs that something shady might be running in the background is a sudden shift in how your laptop behaves. It just starts… being weird. Sluggish for no reason, booting up like it's wading through mud, or sounding like it's prepping for takeoff — even if all you've got open is Spotify.

That's usually because monitoring software runs in stealth mode, logging your every move and hogging resources while pretending to do nothing. You might also start seeing:

- Pop-ups showing up in weird places — not just when you're online.
- A sudden flood of ads on sites that never had them before.
- Random system crashes, unexpected restarts, or fast-draining battery.

And here's a sneaky one: if you tether your laptop to your phone and notice a data spike you can't explain, something's probably uploading in the background. That's not just bad luck — it's a red flag.

Bottom line: If your device starts acting like it's haunted, it might just be bugged.

Step One: Run a Full System Scan

Start simple. Run a full scan using a trusted antivirus — and no, not the random free one that's been sitting idle for years. Even built-in tools like Windows Defender or Apple's XProtect are better than most people give them credit for. Just make sure:

- Your virus definitions are updated.
- You run a full system scan, not a quick one — because spyware knows how to hide deep in system files.

Still feel like something's lurking? Let's go deeper.

Extra Steps to Sniff Out Monitoring Software

If your antivirus came up clean but your laptop's still giving you side-eye, it's time for some manual checks.

1. Check Your Startup Items

Your first clue might be hiding in what launches when your laptop boots up.

- Windows: Task Manager > Startup tab
- Mac: System Settings > General > Login Items

If there's an app you don't recognize — Google it. Then disable or remove it.

2. Audit Installed Programs

Think of this like digital spring cleaning. Scroll through your list of installed apps. Names like 'System Helper' or ' are classic spyware covers. If you didn't install it, dig deeper — or uninstall it.

3. Use a Network Monitor

Apps like GlassWire (Windows) or Little Snitch (Mac) show you which programs are calling home. If something's constantly pinging a remote server and you don't know why? Shut it down.

4. Keep Your OS Updated

It's not exciting, but it works. Most malware relies on known vulnerabilities — and system updates patch those holes. If you've been hitting 'Remind Me Later' for a week… stop that.

5. Enable Firewall Protection

Your OS comes with a built-in firewall — turn it on. It helps block shady software from sending data out behind your back.

6. Avoid Sideloading & Cracked Apps

This should go without saying — but if you're downloading cracked software from sketchy forums, you're basically inviting spyware in for dinner.

7. Use Strong, Unique Passwords

Spyware often tries to grab your credentials. Use a password manager. Stop recycling your Netflix password for your email. You know better.

8. Encrypt Sensitive Files

Built-in tools like BitLocker (Windows) and FileVault (Mac) let you encrypt your hard drive. Even if something gets in, it won't get far.

9. Cover Your Webcam & Mic

Seriously. Just cover it. Some spyware can access your camera and mic without you knowing. A sticker or a cheap webcam cover is an easy fix.

Final Thoughts: Trust Your Gut

You know your laptop. If it's acting weird — don't ignore it. Most people don't realize they're being monitored until it's too late. So run the scans, check the background activity, and if anything feels off… it probably is. Better paranoid than compromised.


Forbes
12-05-2025
- Forbes
Warning — Microsoft Windows Defender Can Be Disabled By Hackers
Defendnot tool disables Windows Defender.

There have been some concerning news headlines for Microsoft users over the last few weeks. From the confirmation of a 10/10 cloud security vulnerability, to Windows denial of service attack methods that have yet to be fixed, and the inevitable password-stealing warnings impacting Windows users. Today, however, might be the most alarming news of all: hackers can now disable Windows Defender using a newly released security tool. Here's everything you need to know about Defendnot.

There are a number of antivirus, anti-malware, and internet security solutions available in today's crowded marketplace. Most will charge you a hefty annual subscription fee, but some of the best ones are free. One of the latter, and widely regarded as one of the best, is Windows Defender, which comes as a default offering with the Windows operating system. Whereas Windows Defender used to be seen as 'better than nothing at all' in the eyes of those who test such solutions, it has quickly risen in the ranks to become a security bulwark that competes with the best of them in protecting users from threats.

That assessment might need to change following the release of a new tool that can directly disable Windows Defender and its associated protections on Windows. While not the first method to successfully bypass Windows Defender, Defendnot is undoubtedly the most straightforward: it works by getting Windows Defender to disable itself.

A security researcher and reverse engineer known as 'es3n1n' has confirmed that Defendnot, an update to an earlier project called No-Defender, could disable Windows Defender by convincing the operating system that an alternative antivirus solution was already installed. Defendnot came about when some friends asked if it was possible to create a No-Defender tool that used a clean implementation without relying on any antivirus software at all. Or, rather, no third-party antivirus code to insert itself in the process.

'The part of the system that manages all this mess is called Windows Security Center - WSC for short,' es3n1n said. By using undocumented application programming interfaces that are only shared with certified antivirus vendors, and under a strict non-disclosure agreement, es3n1n has managed to convince Windows Defender that such an alternative solution is already installed without any third-party AV code being required.

Defendnot has now been published, which means it could soon be in the hacker armory of anyone who looks for it. I have reached out to Microsoft for a statement about this concerning Windows Defender bypass development.


Fox News
28-04-2025
- Fox News
FBI warns of time-traveling hackers
Cybercriminals always find new ways to scam you, whether it's mimicking a government agency, creating a fake website or delivering malware disguised as a software update. Just when you think you've seen it all, they come up with a new trick. This time, the FBI has issued an alert: Hackers are using a "time-traveling" technique to bypass your device's security measures. No, we're not talking about actual time travel (though wouldn't that be something?). This is a sophisticated cyberattack where hackers manipulate a system's internal clock to sneak past security defenses.

The concept of "time-traveling hackers" refers not to literal time travel but to a sophisticated cyberattack technique where hackers manipulate a system's internal clock to bypass security measures. This attack is reportedly tied to the Medusa ransomware gang. In this type of attack, hackers exploit expired security certificates by altering the system date on a targeted device to a time when those certificates were still valid. For example, a security certificate that expired in, say, 2020 could be made usable again if the system's clock is set back to 2019. This allows malicious software signed with these outdated certificates to be recognized as legitimate by the system, effectively "traveling back in time" from a security perspective.

This technique was notably used in the Medusa ransomware attacks, which targeted critical infrastructure and prompted an FBI cybersecurity advisory (AA25-071A) earlier in 2025. The campaign has affected over 300 critical infrastructure targets. The attackers combined this method with social engineering and exploited unpatched vulnerabilities, amplifying the threat. The FBI has warned that such attacks pose a significant risk, as they can disable modern security protections like Windows Defender by tricking the system into accepting outdated drivers or software.

1) Use strong antivirus software: A strong antivirus isn't just for catching old-school viruses anymore. It can detect phishing links, block malicious downloads and stop ransomware before it gets a foothold. Since the Medusa gang uses fake updates and social engineering to trick users, having strong antivirus software adds a critical layer of protection against threats you might not see coming.

2) Enable two-factor authentication (2FA): The FBI specifically recommends enabling 2FA across all services, especially for high-value targets like webmail accounts, VPNs and remote access tools. 2FA makes it significantly harder for attackers to break in, even if they've managed to steal your username and password through phishing or other tactics.

3) Use strong, unique passwords: Many ransomware groups, including Medusa, rely on reused or weak passwords to gain access. Using a strong password (think long, random and unique to each account) greatly reduces that risk. A password manager can help you generate and store complex passwords so you don't have to remember them all yourself.

4) Monitor for suspicious system time changes: The core of this "time-traveling" attack is clock manipulation: Hackers roll back a device's clock to a time when expired security certificates were still valid. This allows outdated and potentially malicious software to appear trustworthy. Be alert to unexpected system time changes, and if you're managing an organization, use tools that flag and log these types of configuration shifts.

5) Keep systems updated and patch known vulnerabilities: The Medusa ransomware campaign has a track record of exploiting unpatched systems. That means old software, outdated drivers and ignored security updates can all become entry points. Regularly installing updates for your OS, applications and drivers is one of the most effective ways to stay protected. Don't put off those system notifications; they exist for a reason.

The Medusa attack is a good example of how cybercriminals are shifting tactics. Instead of relying on traditional methods like brute force or obvious exploits, they are targeting the basic logic that systems depend on to function. In this case, it is something as simple as the system clock. This kind of strategy challenges the way we think about security. It is not just about building stronger defenses but also about questioning the default assumptions built into the technology we use every day.

How do you think technology companies can better support individual users in protecting their data and devices?
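The time-change monitoring recommended in step 4 above, sketched as an added example that is not part of the original article: it scans records shaped like the EventData of Windows Security event 4616 ("The system time was changed") and flags backward clock jumps. The sample records, host names, threshold and process allowlist are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample records (not real telemetry), using the field names of
# Windows Security event 4616: PreviousTime, NewTime, ProcessName, SubjectUserName.
SAMPLE_EVENTS = [
    {"Computer": "WS-014", "SubjectUserName": "LOCAL SERVICE",
     "ProcessName": r"C:\Windows\System32\svchost.exe",
     "PreviousTime": "2025-03-14T09:15:02.412Z", "NewTime": "2025-03-14T09:15:02.398Z"},
    {"Computer": "WS-014", "SubjectUserName": "jdoe",
     "ProcessName": r"C:\Windows\System32\cmd.exe",
     "PreviousTime": "2025-03-14T11:40:10.000Z", "NewTime": "2012-06-01T11:40:10.000Z"},
    {"Computer": "SRV-DB2", "SubjectUserName": "admin",
     "ProcessName": r"C:\Windows\System32\cmd.exe",
     "PreviousTime": "2025-03-15T08:00:00.000Z", "NewTime": "2025-03-15T09:00:00.000Z"},
    {"Computer": "SRV-DB2", "SubjectUserName": "SYSTEM",
     "ProcessName": r"C:\Users\Public\upd.exe",
     "PreviousTime": "2025-03-16T02:11:45.000Z", "NewTime": "2025-03-15T20:11:45.000Z"},
    {"Computer": "WS-022", "SubjectUserName": "LOCAL SERVICE",
     "ProcessName": r"C:\Windows\System32\svchost.exe",
     "PreviousTime": "2025-03-17T10:20:00.000Z", "NewTime": "2025-03-17T10:00:00.000Z"},
]

# Assumptions for this sketch: routine clock-sync corrections stay well under
# five minutes, and the Windows Time service changes the clock from svchost.exe.
ROLLBACK_THRESHOLD = timedelta(minutes=5)
LONG_ROLLBACK = timedelta(days=1)
TIME_SERVICE_PROCESSES = {"svchost.exe"}


def parse_ts(value):
    """Parse an ISO-8601 UTC timestamp; event logs may carry 7+ fractional digits."""
    base, _, frac = value.rstrip("Z").partition(".")
    micro = (frac + "000000")[:6]  # pad or truncate to microseconds
    return datetime.strptime(f"{base}.{micro}", "%Y-%m-%dT%H:%M:%S.%f")


def find_rollbacks(events, threshold=ROLLBACK_THRESHOLD):
    """Return one finding per event that moved the clock back by more than threshold."""
    findings = []
    for ev in events:
        delta = parse_ts(ev["NewTime"]) - parse_ts(ev["PreviousTime"])
        if delta >= -threshold:
            continue  # forward change or a small sync correction
        rollback = -delta
        process = ev["ProcessName"].rsplit("\\", 1)[-1].lower()
        # A long rollback, or any rollback by a process that is not the time
        # service, is what lets an expired certificate look valid again.
        unexpected = process not in TIME_SERVICE_PROCESSES
        findings.append({
            "computer": ev["Computer"],
            "user": ev["SubjectUserName"],
            "process": process,
            "rolled_back_days": round(rollback.total_seconds() / 86400, 2),
            "severity": "high" if rollback > LONG_ROLLBACK or unexpected else "medium",
        })
    return findings


if __name__ == "__main__":
    for finding in find_rollbacks(SAMPLE_EVENTS):
        print(finding)
```
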


Forbes
20-04-2025
- Forbes
587 Windows Vulnerabilities — A Microsoft Security Record Breaker
2024 was a record year for Microsoft security vulnerabilities.

As a cybersecurity analyst and writer, it can often feel like Microsoft is too easy a target when it comes to matters of threats, incidents, and, of course, security vulnerabilities. There's good reason why Microsoft itself, and especially the Windows operating system ecosystem, gets so many cybersecurity-related headlines — it's a massive target because of the size of its user base. It really is as simple as that. You really do have to bear this in mind when reading about 2FA bypass attacks, multi-stage malware campaigns, infostealers infecting a million Windows devices, and hackers finding ways around Windows Defender defenses. Don't get sucked into the 'Microsoft doesn't care about your security' trap, as nothing could be further from the truth. Indeed, even though a newly published report has confirmed a record-breaking year for reported Microsoft vulnerabilities, including hundreds impacting the Windows and Windows Server platforms, that's actually not as bad a thing as you might imagine.

When you see any headline alerting you to a security vulnerability, you probably immediately think that this is a bad thing. I mean, you aren't 100% wrong, of course, but it really isn't quite that straightforward. It rather depends on who is doing the disclosing and whether attacks are already underway. So-called zero-day vulnerabilities, where the security flaw has remained unknown until an attacker starts to exploit it, are one thing. But responsibly disclosed vulnerabilities, reported by internal security teams and external researchers, are quite another. Take the average Microsoft Patch Tuesday security rollout, where such vulnerabilities are disclosed to the public for the first time, and the patches to fix them are provided at the same time, for example. Does that make you less or more secure? The correct answer, dear reader, is the latter.

In much the same way, a new report from BeyondTrust analysts that has revealed 2024 to be a record-breaking year for the number of Microsoft security vulnerabilities reported, a total of 1,360 in all, is a good thing as far as I am concerned. Imagine if those vulnerabilities had gone unreported until a criminal hacker found them and exploited them; now that would be a bad thing. I'm pleased that the report found this number to be an 11% increase over 2023, as that means security researchers are doing a better job of hunting down the holes in product code. Would I like there to have been fewer security feature bypass vulnerabilities than the 90 discovered, up 60% from the previous year? Heck yes, of course, I'm no fan of sloppy coding allowing such things to be worked around. Yet still, the fact remains, these bypasses were found and patched.

When it comes to Windows, the report found 587, with 33 meeting Microsoft's critical rating criteria; Windows Server had 684, 43 of which were critical. BeyondTrust is absolutely right when it said that the longer-term trend appears to not only show that the pace of vulnerability growth is stabilising, however, but also that 'Microsoft's security initiatives and improvements in the security architecture of modern operating systems are paying off.' Security initiatives that have, for example, seen Microsoft pay security researchers more than $60 million in bounties for finding vulnerabilities in its software.

How safe are you using Windows? Safer than using software that doesn't invest in finding and fixing security vulnerabilities. Simples.


Forbes
18-04-2025
- Forbes
Sell Us Your Hacker Account, Admins Paid Extra — SYS Initiative Says
Hacker forum accounts wanted in exchange for crypto.

Criminal hackers are known for their ingenuity, constantly evolving and coming up with new ways to compromise your systems, accounts and data. Be that by way of bypassing Windows Defender security controls, stealing passwords by way of your GPU, or even employing automatic password hacking machines, they are ceaselessly shaking the infosecurity tree and seeing what falls out. Fighting fire with fire is often talked about within the cybersecurity industry as being a bad thing, the so-called hacking back attacks that can create more problems than they solve, but that's not always the case. What if you could get your threat intelligence right from under the noses of the hackers in the very forums they inhabit and where they discuss tactics, techniques and procedures? Welcome to the world of the SYS Initiative, which aims to do just that.

Cybercrime forums exist on the dark web, the deep web, within hidden group chats, even sometimes on the clear web itself. These are the places where you will find millions of leaked X user records, 2FA bypassing cookies for sale, and ransomware groups recruiting affiliates and selling the latest attack exploit kits. 'These are the parts of the web where people go searching for information that isn't available through a regular Google search,' Threat Intelligence specialist Prodaft said as it launched a new April 17 project called the SYS Initiative. SYS, shorthand for sell your source, promises pretty much what it says on the tin.

For threat intelligence to be truly valuable, it requires visibility into the very heart of the infrastructures used by cybercriminals. That means diving deep into illicit marketplaces, the dark web, and underground hacker forums, where information that can help in the understanding of adversarial networks and provide insight into new and evolving attacks can be found. Access to these hacker hangouts is not, as you might well imagine, just a matter of completing a quick registration form. More often than not, to access forums that have any meaningful intelligence content requires an existing member to vouch for you, contacts within the criminal underworld, or something of proven value that you can bring to the table. The older and better established the forum, the harder it is to get in and gain trusted access to the levels of membership where actual cybercrime tactics, techniques and procedures are discussed.

In launching the SYS Initiative, Prodaft is looking to purchase hacker accounts for selected, established, and active cybercrime forums. To be eligible, the accounts must have been created before December 2022 and not have been actively engaged in criminal or unethical activity. 'We want to utilize those accounts for human intelligence purposes (HUMINT) and ensure we have as much visibility into the dark web as possible,' Prodaft said. Initially, Prodaft said that it was interested in hearing from people with accounts on the following forums:

The accounts that have either operator or admin roles will be eligible for higher payments, Prodaft said. If this sounds like you, then Prodaft said you should reach out by way of ToX chat or email to tips@ 'We ensure secure and private communication to protect your identity throughout the process,' the company stated.

'Attackers reliably hit where defenders don't even know they are vulnerable,' Evan Dornbush, a former NSA cybersecurity expert, said. These attackers have something of a monopoly on the vulnerability and tools-related knowledge, knowledge that many defenders are blissfully ignorant of. Prodaft is 'engaging the community to break the attacker's monopoly,' Dornbush concluded, 'and we should all hope they are successful in this endeavor.'

So, if you have an old hacker forum account and haven't been naughty with it, maybe now is the time to do the right thing and cash in while you can.