engineering Archives

Winsage

July 23, 2025

Microsoft calls Windows 11 24H2 “The most reliable Windows yet,” and it has numbers to back it up

Microsoft has declared that Windows 11 24H2 is the most reliable version of its operating system to date, supported by telemetry data from July 2025 showing a 24% decrease in unexpected restart failures compared to Windows 10 22H2. The traditional blue screen of death (BSOD) has been replaced with a black screen, which aims to reduce visual disruption and stress for users. This new screen presents a concise message with the stop code and information about the faulty driver, eliminating the frowny face and QR code. Additionally, a hexadecimal version of the stop code has been added for easier online searches for solutions. Microsoft is committed to improving reliability through collaborative efforts across engineering, design, and user research teams. There are also hidden functionalities in Windows 11 that users can explore for enhanced capabilities.

AppWizard

July 23, 2025

Threat Actors Blend Click Fraud Apps and Malware to Steal Android Credentials

Security researchers at Trustwave SpiderLabs have identified a complex cluster of Android malware that combines click fraud, credential theft, and brand impersonation. This malware exploits the Android Package Kit (APK) file format to distribute malicious applications, often through phishing messages or deceptive websites. Users are tricked into installing these APKs, which are disguised as reputable brands or promotional apps. Once installed, the malware takes advantage of Android's permission model to access sensitive resources, primarily for click fraud and traffic redirection to generate illicit revenue. Some variants engage in data collection and credential harvesting, employing advanced evasion tactics to avoid detection, such as using counterfeit Chrome applications and overlay screens. A notable variant includes a spoofed Facebook app that mimics the official interface and connects to a remote command-and-control server for instructions. The malware uses encryption and encoding to secure data exchanges and employs open-source tools to bypass Android's signature verification. Evidence suggests that the operators may be Chinese-speaking, as indicated by the use of Simplified Chinese in the code and the promotion of related APK campaigns on Chinese-speaking underground forums.

Winsage

July 23, 2025

Introducing Surface Laptop 5G: Seamless connectivity, built for business

Microsoft has expanded its Surface Copilot+ PC portfolio with the introduction of the Surface Laptop 5G, a 13.8-inch device powered by Intel Core Ultra (Series 2) processors, set to ship on August 26. The new 13-inch Surface Laptop and 12-inch Surface Pro are available for immediate purchase. The Surface Laptop 5G features a Neural Processing Unit (NPU) capable of over 40 trillion operations per second, enhancing on-device intelligence and productivity. It includes an integrated 5G modem for continuous connectivity to Microsoft 365 Copilot and other cloud tools. The device has a dynamic antenna system with six antennas that adapt to surroundings, ensuring reliable connectivity and the ability to function as a mobile hotspot. It supports both NanoSIM and eSIM options and weighs under 3 pounds for portability. The device underwent rigorous real-world testing for performance and connectivity. IT departments can remotely manage the devices, and the Surface Management Portal offers centralized visibility into device health. The Surface Laptop 5G is part of a growing portfolio of Copilot+ PCs designed for modern business needs.

Winsage

July 22, 2025

Saying no to Windows 11 just got easier – Operese automatically transfers your Windows 10 files and settings to Linux

Microsoft will end support for Windows 10 on October 14, 2025, affecting over 200 million devices. A student developer, TechnoPorg, has created a free migration tool called Operese to facilitate the transition from Windows 10 to Linux. Operese translates a Windows 10 installation into a Linux setup, preserving data, settings, and applications as much as possible. It uses a customized version of Kubuntu to provide a user-friendly experience. While the tool is still in development and may not support all applications, it aims to offer a smooth migration process. Linux distributions, such as Kubuntu, are compatible with older hardware and provide enhanced privacy and security compared to Windows. TechnoPorg plans to open-source Operese once it is more stable and documented.

AppWizard

July 22, 2025

Threat Actors Combine Android Malware With Click Fraud Apps to Steal Login Credentials

A new wave of malicious Android Package Kit (APK) files is combining click-fraud advertising and credential theft, primarily affecting regions like Southeast Asia, Latin America, and parts of Europe. These APKs disguise themselves as casual games or clones of legitimate apps, enticing users to sideload them and bypass Google Play’s security measures. Once installed, they request excessive permissions and operate in the foreground to inflate ad impressions while capturing user credentials through convincing login forms. The malware uses a modular configuration system and communicates with an encrypted command-and-control backend. The installation process often begins with social media messages or QR codes leading to spoofed landing pages. The app can embed secondary payloads without invalidating its original signature and minimizes detection by sandboxes. By the time users notice unusual activity, the malware has already exfiltrated ad revenue and credentials.

AppWizard

July 22, 2025

Cybercriminals Merge Android Malware with Click Fraud Apps to Harvest Credentials

Researchers have identified a sophisticated cluster of Android malware that merges brand impersonation with traffic monetization strategies, utilizing Android Package Kit (APK) files to compromise user trust and extract sensitive information. The malware disguises itself as legitimate services and uses social engineering techniques to encourage manual installations. Once installed, it exploits Android's permission model to access device resources and hijack network traffic for advertising fraud. The malware includes various categories such as ad fraud apps, credential stealers, background data harvesters, task reward apps, and gambling apps, each designed to manipulate user interactions and collect sensitive data. Common strategies include redirecting traffic through monetized domains and employing encrypted command-and-control communications. A notable variant is a spoofed Facebook APK that requests extensive permissions and retrieves encrypted configuration files from specific domains. The malware's infrastructure allows it to circumvent Android signature verification and adapt its behavior based on the environment, evading detection. Analysis suggests involvement from Chinese-speaking operators, with connections to underground economies trading stolen data. The campaign combines ad fraud and credential theft, highlighting a dual purpose of monetization and intelligence gathering. Users are advised to limit installations to trusted sources and scrutinize unsolicited APKs to mitigate threats.

AppWizard

July 17, 2025

Codev giant Virtuos making layoffs

Virtuos is reducing its workforce by approximately seven percent, equating to around 300 positions. The layoffs will primarily impact its Asian operations, with 200 employees affected, 70 roles in Europe, and fewer than ten positions in France. The company aims to realign its global capabilities to enhance high-value co-development services. Virtuos will provide separation pay, job placement assistance, and opportunities for affected employees within its network. This decision reflects broader job cuts in the gaming industry, as seen with Microsoft's recent layoffs.

Tech Optimizer

July 17, 2025

TigerData Launches Tiger Lake, Unifying Postgres and the Lakehouse for Real-Time Intelligence

TigerData has introduced Tiger Lake, an architectural layer that integrates the operational speed of Postgres with the analytical capabilities of lakehouses. This innovation allows for continuous, bidirectional data movement between operational databases and scalable cloud storage systems, eliminating the need for data duplication and complex pipelines. Tiger Lake enables real-time replication of Postgres tables into the lakehouse and synchronization of processed results back into Postgres. It is built into Tiger Postgres and enhanced by TimescaleDB, making it suitable for high-ingest, time-series data management. Tiger Lake is based on open standards, such as Apache Iceberg, allowing flexibility without vendor lock-in. It is currently in public beta, enabling users to stream data between Postgres and Iceberg-backed S3 storage, with future updates planned for enhanced querying and synchronization capabilities.

AppWizard

July 16, 2025

Konfety Android Malware Exploits ZIP Tricks to Masquerade as Legit Apps on Google Play

Security researchers from zLabs have identified a new version of the Konfety Android malware that uses advanced ZIP-level modifications to avoid detection and mimic legitimate apps on the Google Play Store. The malware employs an "evil-twin" strategy, distributing malicious versions with the same package names as harmless apps. It manipulates the APK's ZIP structure to disrupt reverse engineering tools, allowing it to evade analysis. The installation process on Android can handle these malformed packages without raising alarms. Konfety features a dynamic code loading mechanism, hiding a secondary Dalvik Executable (DEX) file that is decrypted at runtime, which contains malicious components. It integrates with the CaramelAds SDK for ad fraud, while disguising its activities through geofencing and icon concealment. The malware has been linked to previous campaigns and uses decoy applications on the Play Store for camouflage. Upon execution, it redirects users to fraudulent websites, leading to unwanted app installations and compromising user privacy. The threat actors behind Konfety continuously update their tactics to evade detection, highlighting the growing sophistication of Android malware. Users are advised to scrutinize app sources and monitor network activity to mitigate risks.

AppWizard

July 15, 2025

Can You Play Minecraft on Mac? Here’s What You Need to Know

Playing Minecraft on a Mac is feasible, with two primary editions available: Java Edition and Bedrock Edition. Java Edition runs natively on macOS and supports mods, while Bedrock Edition lacks official support for Mac and requires workarounds to run. To acquire Minecraft, users can visit minecraft.net, select Java Edition, download the installer, and launch the game. Mods function similarly on Mac as they do on Windows, with popular mod managers like Forge and Fabric supporting macOS. Hosting a Minecraft server on a Mac is possible but cumbersome, leading many to rent servers instead. In Java Edition, players can join IP-based servers and share addresses with friends. Performance can vary, with modern Macs generally handling the game well, but adjustments may be needed for base models. Minecraft Bedrock does not exist natively for Mac, and the Mac App Store version is the Education Edition. Compatibility issues with mods can arise, and local servers may be blocked by the Mac firewall.