showcases Archives

Winsage

June 25, 2026

Introduction to COM usage by Windows threats

Component Object Model (COM) is a technology in Windows that enables object activation, inter-process communication, and automation across different programming languages. Malware exploits COM interfaces for activities such as lateral movement, execution, downloading, exfiltration, persistence, evasion, system discovery, and automation of Windows and Office functionalities. Reverse engineering COM-heavy binaries involves navigating GUIDs and indirect vtable calls to understand malware mechanics. Research at the AVAR 2025 conference and CARO 2026 workshop discusses methodologies for analyzing COM binaries and case studies of malware families that utilize COM. COM is an application binary interface (ABI) model that allows software components to be reused and enables interaction between different programming languages through interfaces defined at the binary level. Distributed COM (DCOM) allows clients to activate COM objects on remote systems. COM classes are identified by unique class identifiers (CLSIDs), and interfaces by interface identifiers (IIDs). The Windows registry stores COM registration data, with classes and interfaces located under specific keys. Malware often acts as a COM client, utilizing the COM runtime to instantiate classes and request interfaces. ProgIDs provide human-readable registry entries for COM classes. The CoCreateInstance function helps create class objects by resolving CLSID registrations. All COM interfaces derive from IUnknown, which manages object lifetimes and interface querying. COM has its own security model, and identifying classes and interfaces used by malware is crucial for threat researchers. Tools like ComView and OleView.NET assist in inspecting COM registrations. The analysis workflow includes identifying activation API calls, extracting CLSID and IID values, consulting registry definitions, and mapping vtable calls. Qakbot, a banking trojan, exemplifies the use of COM in malware, with its architecture enabling malicious activities like credential theft. Dynamic analysis tools can log COM-related calls in real-time to trace execution flow. Notable malware families that utilize COM include Gh0stRAT, which uses Task Scheduler COM interfaces, and the Attor platform, which employs BITS for file transfers. WarmCookie demonstrates the use of COM for persistence through Task Scheduler. Understanding COM's role in malware is essential for cybersecurity professionals.

AppWizard

June 24, 2026

Star Wars: Galactic Racer Fuses Episode 1: Racer and Burnout Into a Compelling Roguelite Racing Game

Disney has shifted its Star Wars video game strategy to allow a wider range of developers to create games, moving away from reliance on a limited internal team. The upcoming title, Star Wars: Galactic Racer, is developed by Fuse Games and features players as Shade, who participates in an underground racing circuit in the Outer Rim. The game includes various vehicles, a roguelite structure, and character customization. Players face challenges from AI competitors and can explore planets between races, upgrading vehicles and interacting with characters. The game also features an Arcade mode for podracing, emphasizing quick reflexes and control.

AppWizard

June 24, 2026

Herschel Backpack Trials

The text describes the benefits of teamwork in adventure gameplay, highlighting that players can complete challenges more efficiently and upgrade their backpacks together. It details the innovative features of the Herschel backpack, which can maintain and repair items automatically during gameplay, eliminating the need for cumbersome equipment management. Additionally, it mentions that the in-game Herschel backpack has over 30 real-life counterparts in the latest Minecraft collection, with designs inspired by the game. These products are available online and at select retailers worldwide.

AppWizard

June 23, 2026

5 Things You Didn’t Know Your Samsung Phone Could Do

Older Samsung phones are receiving the One UI 8.5 update, which includes several features: - Users can separate app audio streams between devices, allowing navigation instructions to play through one device while music plays through another. - The side button on newer Galaxy devices can be customized for various functions, including opening different apps or tools. - Samsung offers a Secure Folder feature for storing sensitive apps and data privately. - The Dual Messenger feature allows users to clone messaging apps for managing multiple accounts simultaneously. - With One UI 5.1 and later, users can extract subjects from photos to create cutouts or stickers for use in other applications.

AppWizard

June 23, 2026

Realistic Roblox FPS made by two people hits 7 million plays, reminding us that Roblox games don’t have to be terrible

TTK is a multiplayer first-person shooter (FPS) game on Roblox developed by Sable Digital, consisting of PoptartNoahh and CanyonJack. Launched in April, it has over 7 million plays and gained popularity through viral clips of its realistic deathmatches. The game features impressive graphics for mobile, directional audio, and engaging map layouts. TTK offers a single supporter pack for 400 Robux, avoiding aggressive in-game purchases. It showcases the potential of Roblox beyond typical games, standing out among FPS titles.

AppWizard

June 22, 2026

I usually skip souslikes not made by FromSoftware, but one Steam demo just won me over

Prison of Husks is a new game available for exploration through its demo on Steam, featuring Soulslike mechanics with a camera and control scheme reminiscent of FromSoftware's titles. It showcases a retro PS1 aesthetic, evoking nostalgia while maintaining originality. The game balances homage to classic games with innovative elements, distinguishing itself in the crowded genre.

AppWizard

June 22, 2026

Steam finally found a way to recommend new games that doesn’t feel like I’m getting KO’d by a fire hose

Steam has introduced a "personal calendar" feature that highlights upcoming game releases for the next five days based on individual wishlists and preferred game tags. The calendar shows games released in the past month and previews up to six games per day for the next two months. Users can filter by specific game tags and hide games already on their wishlist. Notable upcoming releases include "Beast of Reincarnation" on August 3, "Big Walk" on August 4, and "Fields of Mistria" on August 5. The feature aims to enhance game discovery without overwhelming users, allowing them to find smaller indie games like "Cat Isle." Feedback indicates that the calendar effectively showcases a variety of titles tailored to user preferences.

AppWizard

June 22, 2026

Google Photos may have a new trick to make your pictures look dramatically different

Google Photos is set to introduce a new feature called Moods in version 7.81 of the app, which utilizes artificial intelligence for photo editing. Moods offers eight distinct templates: Airy Minimalist, Crisp 35mm, 2000’s Cinema, Rich Textures, Pink Digicam, Retro Contrast, Night Lights, and 2000’s Night, each designed to evoke specific visual styles. The feature aims to provide a more personalized editing experience by analyzing images individually rather than applying uniform filters. Although Moods is not yet operational, it represents a shift towards a more AI-driven editing experience in Google Photos. An APK teardown indicates potential features, but there is no guarantee they will be publicly released.

AppWizard

June 21, 2026

Crysis 2 had problems, but it got one thing right: destruction

Crysis 2 features a narrative centered around Alcatraz, a U.S. Marine caught in an alien invasion, guided by Prophet from the original Crysis. The game emphasizes destruction, transforming New York into a chaotic battleground, although it suffers from simplistic AI, a convoluted narrative, and clichéd characters. The nanosuit's functionality is reduced compared to its predecessor, limiting active abilities and creativity in gameplay. Players can use stealth and engage in direct combat, with standout moments during defensive missions where they assist civilians and demolish buildings to disrupt enemies. However, the final mission is anticlimactic, leaving players unsatisfied with the conclusion. Despite its limitations, Crysis 2 showcases moments of brilliance and potential for innovation in gaming.

AppWizard

June 21, 2026

Commodore Callback 8020 Retro Flip Phone Runs Android Apps

The Commodore Callback 8020 is a Sailfish OS flip phone designed to block browsers and social media, while retaining essential features like maps, messaging, music, and calls. It operates on Sailfish OS and can run over 99% of Android apps through a sandboxed Android AppSupport layer. The device lacks Google Play Services and the Play Store but comes preloaded with WhatsApp and supports various applications such as Signal, Telegram, and mapping services. It blocks web browsers and major social media applications at the system level, and email and work-related apps are excluded from the app store. The Callback 8020 features a clamshell design, T9-style texting, a 48MP rear camera, FM radio, and comes in multiple retro-inspired finishes. Preorders will start on June 30 at a price of 9.99, with shipping expected to begin in winter.