engineering Archives

Tech Optimizer

August 21, 2025

Inside Quick Heal’s Journey: Building India’s First Antivirus to a Global Brand

Quick Heal Technologies was founded by brothers Kailash and Sanjay Katkar in Pune, focusing on antivirus solutions to combat rising computer viruses. It became India's first homegrown antivirus and is now a globally recognized company. Despite India's digital economy expanding, only 7% of organizations are mature in cybersecurity readiness, facing challenges such as a skills deficit, fragmented security implementations, and a disconnect between executive priorities and security realities. India needs over 800,000 cybersecurity professionals, and educational institutions must integrate practical threat scenarios into their curricula. The "Make in India" movement is fostering indigenous cybersecurity solutions that address local threats while being globally relevant. Quick Heal utilizes AI to enhance threat detection and response, analyzing vast amounts of data while emphasizing the irreplaceable role of human expertise in strategic decision-making. Emerging threats include AI-powered social engineering, supply chain attacks, and cloud misconfigurations. Organizations should adopt Zero Trust architectures, invest in continuous security training, and utilize integrated threat intelligence. Quick Heal's leadership emphasizes solving real problems for customers and encourages young engineers to gain practical experience in cybersecurity. Recommended strategies for CISOs include aligning security investments with business priorities, embracing automation, and establishing integrated threat intelligence for effective risk management.

AppWizard

August 19, 2025

Android VPN apps used by millions are covertly connected AND insecure

Recent research from Arizona State University and Citizen Lab has identified connections among three families of Android VPN applications with over 700 million downloads, raising concerns about user privacy and security. The analysis revealed three groups of VPN providers: 1. Group A: Eight apps from three providers sharing identical Java code and libraries, exhibiting vulnerabilities such as: - Collecting location data against privacy policies. - Using weak encryption methods. - Hard-coded Shadowsocks passwords that could allow traffic decryption. 2. Group B: Eight apps from five providers supporting only the Shadowsocks protocol, sharing libraries and hard-coded passwords, with all servers hosted by GlobalTeleHost Corp. 3. Group C: Two providers with one app each, using a custom tunneling protocol and sharing similar code, vulnerable to connection inference attacks. The research highlighted significant privacy breaches, including undisclosed location data collection and vulnerabilities that could allow eavesdroppers to decrypt communications. Alarmingly, these VPN providers are linked to Qihoo 360, a Chinese company that has concealed this connection, raising concerns about potential data sharing with the government due to China's strict laws. Additionally, the Tech Transparency Project found that many free VPN apps on the Apple App Store are also linked to companies in mainland China or Hong Kong without disclosing these ties.

Winsage

August 19, 2025

Threat Actors Abuse Microsoft Help Index File to Execute PipeMagic Malware

Cybersecurity researchers have identified a malware campaign that uses Microsoft Help Index Files (.mshi) to deploy the PipeMagic backdoor, which has primarily targeted organizations in Saudi Arabia and Brazil in 2025. PipeMagic first appeared in December 2022 during a RansomExx ransomware campaign and exploits CVE-2025-29824, a vulnerability recognized by Microsoft as actively exploited. The malware has evolved from exploiting CVE-2017-0144 to using advanced social engineering techniques. The latest campaign employs .mshi files containing obfuscated C# code and encrypted payloads, utilizing the MSBuild framework for execution to bypass security controls. The infection process begins with executing a malicious metafile.mshi, which decrypts shellcode using an RC4 stream cipher and executes it via the Windows API function EnumDeviceMonitor. The decrypted shellcode is designed for 32-bit Windows systems and uses evasion techniques to complicate analysis, ultimately establishing the PipeMagic backdoor on the system and enabling communication through a named pipe at 127.0.0.1:8082.

AppWizard

August 14, 2025

Microsoft brings native Xbox app gaming to Windows on Arm PCs – hints at bigger hardware shift ahead

Microsoft has updated its Xbox app for Arm-based Windows 11 devices, allowing users to download and play games natively instead of relying solely on Xbox Cloud Gaming. This update enables select compatible games to be installed and played locally on Arm devices, such as those powered by Qualcomm's Snapdragon X, including the Surface Laptop 7. Users must join the Windows Insider and Xbox Insider programs to access the updated Xbox PC app (version 2508.1001.27.0 or higher) via the Xbox Insider Hub. Historically, most PC games have been designed for x86 architecture, leading to performance issues on Arm devices. Nvidia is collaborating with MediaTek to develop an Arm-based SoC for Windows PCs, initially expected to launch in 2025 but delayed to late 2026. An engineering sample of this SoC has shown strong specifications, comparable to the desktop RTX 5070.

AppWizard

August 14, 2025

Surge in Android Malware Targets Banking Apps with NFC Fraud

A new wave of Android malware is targeting banking applications, utilizing techniques such as NFC relay fraud, call hijacking, and root-level exploits. Variants like PhantomCard, SpyBanker, and KernelSU are designed to infiltrate devices and manipulate transactions in real time. PhantomCard mimics legitimate NFC payment processes, SpyBanker hijacks calls from financial institutions, and KernelSU exploits kernel vulnerabilities for persistent access. This malware has affected thousands of devices, with attackers using disguises on the Google Play Store and phishing campaigns. A related variant, Anatsa, impacted over 90,000 users through fake PDF applications. The rise of such malware correlates with the increasing adoption of contactless payments, particularly in Europe and Asia. Experts recommend that banks enhance their defenses with behavioral analytics and that users enable app verification. Additionally, malware like KernelSU allows evasion of detection by operating at the system's core. Cybersecurity firms suggest a multi-layered security approach, including device encryption and AI-driven threat detection, to combat these evolving threats.

AppWizard

August 13, 2025

Beware the strange file in your messages: This “antivirus” app fakes scans, then watches everything

A new Android app called LunaSpy poses as an antivirus or banking protection tool but is actually sophisticated spyware. It spreads mainly through messaging platforms like Telegram, using social engineering tactics to prompt users to grant extensive permissions by generating fake “threats found” notifications. Once granted access, LunaSpy can read text messages, extract credentials, track locations, and record audio or video. The app is distributed through links that encourage users to sideload an APK rather than downloading from the official Play Store. It requests excessive permissions that legitimate antivirus apps would not demand, making devices vulnerable to data exfiltration. Users are advised to avoid installing APKs from chat links, uninstall suspicious applications, review and revoke excessive permissions, and take steps to secure their accounts.

AppWizard

August 12, 2025

Is Redstone Minecraft’s Hardest Mechanic or Its Secret Gateway to Engineering?

Redstone in Minecraft is a complex element that can be both confusing and rewarding for players. While it appears simple—being mined and placed down—it often leads casual players to abandon it due to its perceived complexity. However, those who persist can unlock its potential for creating automated systems and machines. Redstone operates on real-world engineering principles, such as logic gates and circuits, allowing players to engage with concepts similar to electrical engineering. The lack of in-game guidance complicates its mastery, requiring players to learn through experimentation and trial and error. Advanced users can create intricate devices, including functioning CPUs, using Redstone. It fosters essential skills like problem-solving and logical reasoning, making it a valuable educational tool in STEM thinking.

Winsage

August 12, 2025

Web Account Manager: The Foundational Enabler of Single Sign-On for Windows Applications within the Microsoft Identity Ecosystem

Organizations are adopting cloud-first strategies for digital identity management, particularly using Microsoft identity providers and implementing Zero Trust Architecture. Microsoft's Web Account Manager (WAM), introduced with Windows 10, is central to this transformation, enabling secure access and single sign-on (SSO) across applications like Microsoft 365 Copilot, Office 365, Teams, and OneDrive. WAM addresses fragmentation issues associated with traditional authentication methods by centralizing identity management and token handling, thus enhancing security and user experience. WAM mitigates fragmentation challenges by simplifying protocol integration, managing token lifecycle, and reducing operational overhead. It provides seamless SSO for end-users, simplifies integration for developers, and supports compliance and security for organizations. WAM features two primary APIs for token acquisition: GetTokenSilently and RequestToken, which facilitate secure token requests based on device states and application needs. Future enhancements will focus on improving token protection strategies.

Tech Optimizer

August 12, 2025

Why SMEs can’t afford to ignore cybersecurity

Small and medium-sized enterprises (SMEs) are crucial to the Indian economy and are increasingly adopting digital tools for growth. However, they face significant cybersecurity risks due to misconceptions about their vulnerability. SMEs often have limited IT resources, outdated systems, and poor security practices, making them attractive targets for cybercriminals. The World Economic Forum's Global Cybersecurity Outlook 2025 indicates that 60% of organizations consider geopolitical tensions in their security strategies, highlighting the risks for digitizing economies like India. Cyber incidents can have severe consequences for SMEs, including operational disruptions and damage to customer trust. Cybersecurity should be viewed as a strategic investment rather than a discretionary expense, with practical measures such as firewalls, antivirus software, strong password policies, and employee training recommended. Additionally, having recovery plans and incident response procedures in place is essential for minimizing downtime and protecting business reputation. As India aims for Viksit Bharat 2047, robust cybersecurity measures are critical for sustainable growth.

Tech Optimizer

August 9, 2025

No firewalls or antivirus software—this new quantum technology using magnets promises to protect your information at the subatomic level

A team from Kyoto University has developed a light source that emits single photons, enhanced in brightness by a small magnetic field, which can be used for secure quantum communications. This technology relies on the principles of quantum mechanics, making it difficult for eavesdroppers to replicate or measure the quantum states without detection. The researchers used a one-atom-thick semiconductor sheet, WSe₂, creating traps for excitons that emit photons when relaxed. Current limitations include the need for cryogenic temperatures for operation, but advancements in materials may allow for room-temperature single-photon emission. The technology has potential applications in secure communications for sensitive transactions and could evolve into compact modules for practical use. Recent studies have demonstrated successful quantum key distribution (QKD) using true single-photon sources, indicating progress in integrating quantum technology into real-world networking.