I sometimes can't attach a debugger to a process after restoring a VM snapshot. Waiting a bit usually helps. Any ideas?

As scammers use up all verbs and nouns to name their shitty companies, search engines should introduce a -nostartup operator:

"cocktail -nostartup:lime" (search for drinks with a specific fruit)
"office365 -nostartup:zoom" (how to zoom in an online document editor)

RT @buherator@twitter.com

It looks like some fucking idiot created a company called BasicBlock (blockchain for logistics), and is now polluting search results 🤬

Trying to find info about an image zoom bug in @google@twitter.com Classroom. All search results are littered with info about @zoom_us@twitter.com ...

I just found a patent relevant to my RE target and I'm not sure if my situation got better or worse...

This guy was the primary cause of a smell bomb deactivation procedure taking place in the kid's room literally an hour ago... (He's brilliant though, you should watch)

RT @anitamassey86@twitter.com

This guy has just won the internet.

Maybe twitterverse has more answers than I do:

RT @michael_eder_@twitter.com

@buherator@twitter.com Do you have any hints or resources for thick clients? This is an area where I need to catch up massively

👇 🤯👇

RT @thracky@twitter.com

I also figured out last week that delegate items are just classes which implement the delegate interface, so there's potentially more classes/DLLs that can be reached using this whole delegate concept.

Do my memories fail me or trimming on @YouTube@twitter.com used to be applied instantly and now in the new Studio it takes hours (in fact, a 7:00->6:55 trim didn't finish overnight)?

Thick client hints:
- Attackers can't just debug/decompile the client on the workstation it was installed on
- That workstation isn't as "locked down" as one would think
- You usually don't even need a decompiler/debugger, when you have Task Manager

I helped with the parsing of some online homework submissions, and I start to realize that sharing pictures by embedding them in Word documents is one of the *better* options. And these are the supposed natural users of technology...

Now CVE-2020-0668 definitely looks like a logic bug, but is still described as "vulnerability exists in the way that the Windows Kernel handles objects in memory":


Looks like MS advisories give out less and less info :P

RT @buherator@twitter.com

Re: this month's Windows Defender Security Center EoP's (CVE-2020-0762, CVE-2020-0763): does "handles certain objects in memory" imply memory corruption these days?


In case someone has more free time than I do these days: please play some Worms


When you have a kid asking 100+ questions a day, you realize that "I don't know" is also relieving

RT @lcamtuf@twitter.com

A friend pointed me to this. No matter which side we're on... we owe it to others to sometimes just pause and say "I don't know".

Holy Balls of Stallman! How can be the autocomplete in LibreOffice Calc THIS bad?! The fact that I once typed a thing that starts with a number doesn't mean that I want to type the same thing every time I press the same fucking digit...

Someone had enough free time...

RT @underthebreach@twitter.com

Cobalt Strike 4 just got cracked and posted online, I verified it and it is real.


Black Hat Europe 2019 Keynote: Blue to Red: Traversing the Spectrum by @malwareunicorn@twitter.com

youtu.be/WhSrLk6vWgQ?t=2830 < Nice keynote to start off Monday

Devil is Virtual: Rveversing Virtual Inheritance in C++ Binaries arxiv.org/pdf/2003.05039.pdf < Haven't read this yet, but associating the Devil with C++ looks reasonable

Me, e-sporting:


(don't forget to support @internetarchive@twitter.com, they are awesome!)

Show more

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!