Streaming remote dynamically executed code into the kernel 

https://twitter.com/vm_call/status/1214263096845488133 …
Nope, such an amazing attack vector installed on millions of computers, just waiting for the supply chain attack of the decade to happen when someone gets a hold of BattlEye servers.
-
In fairness, it's clear they need to move fast and I get why they want to update frequently. Also, I am not sure this is any worse in terms of a supply chain attack than a static driver update.
-
Static driver updates require certificate access as well, and can be verified by checking the hash on disk for updates. This shellcode streaming is completely silent to the user and depending on server setup, might not need access to fully recompile the driver with certificate.