engineering

AppWizard
April 2, 2025
The Last of Us Part II is set to launch on Steam on April 3, marking a shift in Sony's strategy to release titles across multiple platforms. The porting process involves adapting the game from PlayStation hardware to PC, which presents challenges due to differences in architecture and the need for customizable experiences for PC gamers. The development team, including members from Naughty Dog and Nixxes, has implemented a system for real-time shader compilation to enhance performance. The port will also include new characters and gameplay modes, while maintaining the original narrative. Extensive collaboration between Naughty Dog and Nixxes has ensured support for various input devices and accessibility options.
AppWizard
March 28, 2025
PJobRAT is an Android Remote Access Trojan (RAT), previously known for attacking Indian military personnel in 2021, that re-emerged in 2023 with improved capabilities and a refined targeting strategy. It is now targeting users in Taiwan through social engineering tactics, disguising itself as legitimate dating and messaging apps. The malware is distributed via compromised WordPress sites hosting fake applications like “SaangalLite” and “CChat.” The infection footprint is small, indicating highly targeted attacks rather than widespread campaigns. PJobRAT retains its core functionality of exfiltrating sensitive information, including SMS messages, contacts, and media files, while enhancing command execution capabilities. Upon installation, the malicious apps request extensive permissions to operate continuously in the background. The malware uses a dual-channel communication infrastructure, with Firebase Cloud Messaging (FCM) as the primary command channel and a secondary HTTP-based channel for data exfiltration to a command-and-control server. The campaign appears to have concluded, but the evolution of PJobRAT highlights the ongoing threat of sophisticated mobile malware targeting high-value individuals.
Winsage
March 27, 2025
Retired Microsoft engineer Dave Plummer discussed the Windows Longhorn project, which aimed to succeed Windows XP but faced significant challenges. Longhorn was envisioned to overhaul the user experience and introduce features like WinFS for content-based file searching. However, the simultaneous development of many new features led to a fragile and bloated codebase, making it difficult to use in daily operations. A 2002 memo from Bill Gates prioritizing security diverted resources from Longhorn, further complicating development. Ultimately, in August 2004, Microsoft scrapped the existing Longhorn codebase in favor of the Windows Server 2003 SP1 codebase, integrating select Longhorn features. The project resulted in Windows Vista, which retained some Longhorn features while discarding others. Plummer reflected on the mixed legacy of Longhorn, acknowledging its failures and the lessons learned that shaped Microsoft's future practices.
AppWizard
March 27, 2025
The Quincy Museum will host "Minecraft at the Museum" on April 5, 2025, from 1 to 3:15 p.m., coinciding with the release of A Minecraft Movie. The event will feature interactive stations focused on archaeology, blacksmithing, sustainable farming, geology, electrical engineering, and textiles. Attendees will receive raffle tickets, swag bags, and access to a themed photo booth. The museum has partnered with VIP Quincy 3 to offer reciprocal discounts for moviegoers and museum visitors. Tickets for the event are limited to 150 guests and can be purchased online.
Winsage
March 26, 2025
ReactOS has released version 0.4.15, its first point-release in several years, following version 0.4.14 from December 2021. This release includes significant improvements such as enhanced plug-and-play support, improved sound and memory management, better Registry handling, a strengthened security subsystem, refinements in the graphical desktop environment, and upgrades to bundled accessories. ReactOS 0.4.15 can run Firefox 52 and successfully installed VirtualBox Guest Additions, recognizing a VirtualBox display adaptor. The operating system operates as an x86-32 platform, identifying itself as Windows NT 5.2 Build 3790: Service Pack 3. ReactOS can install Windows drivers through clean-room reverse engineering, and it features an integrated app store supporting nearly 400 programs, although some functionality issues exist with the built-in "WINE Internet Explorer" browser. The project appeals to users nostalgic for early Windows NT versions and serves as an alternative for those without a Windows license.
Winsage
March 25, 2025
A newly identified threat actor, EncryptHub, is involved in Windows zero-day attacks exploiting a vulnerability in the Microsoft Management Console (MMC), known as 'MSC EvilTwin' (CVE-2025-26633). This vulnerability allows attackers to bypass Windows file reputation protections by manipulating MSC files on unpatched systems. Attackers can execute code without user alerts through email or web-based attacks. Trend Micro's research indicates that EncryptHub has used CVE-2025-26633 to deploy various malicious payloads, including the EncryptHub stealer and DarkWisp backdoor, to extract data from compromised systems. The threat actor employs multiple delivery methods and custom payloads to maintain persistence and exfiltrate sensitive information. EncryptHub has been linked to breaches affecting at least 618 organizations globally and is known to deploy ransomware after stealing sensitive data. Microsoft has also patched another zero-day vulnerability (CVE-2025-24983) in the Windows Win32 Kernel Subsystem.
AppWizard
March 21, 2025
Developers are exploring new methods to benchmark generative AI models, with one initiative being the Minecraft Benchmark (MC-Bench), a platform for head-to-head competitions among AI models that generate unique Minecraft creations. Users vote on the performances without knowing which AI created each entry. The project, created by 12th-grade student Adi Singh, leverages Minecraft's universal recognition to evaluate AI capabilities. MC-Bench currently has eight volunteer contributors and has received support from major AI companies like Anthropic, Google, OpenAI, and Alibaba. The focus is on simple builds, with plans to scale to more complex tasks. MC-Bench requires models to write code for requested builds, making it easier for users to assess the quality of creations visually. Singh believes the scores from MC-Bench provide meaningful insights into AI performance compared to traditional text-based benchmarks.
Winsage
March 18, 2025
PC gamers experienced false alarms from Windows Defender regarding the kernel-level driver WinRing0, which is essential for hardware monitoring applications. This misidentification caused issues such as fan control applications malfunctioning after being quarantined. WinRing0 allows applications to interact with hardware components, and its use is widespread among developers. Microsoft flagged WinRing0, complicating matters for developers due to the requirement for digital signatures on drivers, which can be costly for open-source projects. Some developers, like SignalRGB, are creating proprietary drivers as alternatives, though this requires significant resources. Microsoft is reviewing its detection logic to reduce false positives, while iBuyPower plans to provide a signed version of WinRing0 to aid developers. Users may need to update applications or adjust Windows Defender settings to maintain functionality, as Razer and SteelSeries have moved away from using WinRing0 in their software.