@NetEaseGames_JP@NetEaseGames_EN@NetEase_Global@MarvelRivals What's the reason you guys drop a vulnerable and exploitable driver called WinRing0 (version 1.2.0.5) on everyone's machine and try to hide it as powershell.sys in a legitimate powershell system folder?
@daaximus@Activision@CallofDuty Activion includes “Decompiling or Reverse Engineering” as ban reasons and will ban for having IDA: https://t.co/ypgIgiM2cY
Also a new PC doesn't mean much these days. They probably include gateway mac in hwid.
@PetrBenes The read operation stops extending once it finds a resident page, or hits the end of the mapping. In your case, it’ll fail to expand in either direction and will only page in the faulting page.
@PetrBenes The read operation will extend forwards and backwards from the faulting PTE as much as allowed by the cluster size, unless the thread has page fault clustering disabled.
“Previously available to Windows security features only, VBS enclaves are now available to third-party application developers”
Very cool. Waiting for more details :)
TIL: the 0xBACCD00B cpuid function scattered around various AMD firmware is actually just an AMD SimNow breakpoint😇
Originally spotted it in prod SMM supervisor module on my lenovo thinkpad but now realizing they're everywhere.
I got time to update a draft that should've been published long ago. Here is a fun PG-compliant hooking mechanism, and the example covered in the article is system-wide SYSCALL hooks in a PG-compliant manner.
https://t.co/U1vPQPhtuo
I’ve decided to leave Munro, @live_munro@MunroAssociates. Not sure what’s ahead for me, but I’m excited for the journey! Would love to hear ideas and advice as I move onward!
@dpakman I tried to sub to your YouTube multiple times but your upload cadence is unbearable. 5+ videos spammed daily in my feed is too much. I always unsub shortly after. You might want to consider single, quality, daily uploads.