|
Alexander Ermolov
@
flothrone
|
|
Security researcher. Low-level design, BIOS and other firmwares, system software
|
|
|
143
Tweetovi
|
69
Pratim
|
642
Osobe koje vas prate
|
| Tweetovi |
| Alexander Ermolov proslijedio/la je tweet | ||
|
Daniel Maslowski
@OrangeCMS
|
1. velj |
|
I am quite exhausted from the sheer complexity of the #firmware research I have been doing, having just spoken about the @intel ME at @fosdem. Now it's your turn: Please look into it as well and post your follow-up insights! ✨👩🏻💻
Slides: metaspora.org/look-at-me-fos…
Video will follow. pic.twitter.com/U75LfQZqXt
|
||
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
offensivecon
@offensive_con
|
21. sij |
|
Untrusted Roots: exploiting vulnerabilities in Intel ACMs by @flothrone offensivecon.org/speakers/2020/…
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Peter Bosch
@peterbjornx
|
31. pro |
|
Slightly late, but here's the slides to my #36C3 talk: pbx.sh/intelme_talk.p… . Contains some useful bonus slides and links, somewhere in the next few days I will add more references to prior work on this subject.
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Nikolaj Schlej
@NikolajSchlej
|
19. pro |
|
A new set of "Mac firmware security" pages are finally out, thanks to @XenoKovah.
Check it out, it's what me and my teammates at Apple had beet working on really damn hard for the last several years.
support.apple.com/guide/security…
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Xeno Kovah
@XenoKovah
|
22. stu |
|
Check it out for more about the first-in-the-world work @CoreyKal & Rafal Wojtczuk have done for UEFI DMA protection and UEFI sandboxing of PCIe Option ROMs twitter.com/radian/status/…
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
axi0mX 🌧️📲
@axi0mX
|
24. lis |
|
"#checkm8: The iPhone Exploit That Hackers Use to Research Apple’s Most Sensitive Code"
This is what the title of this write-up would be if it was a VICE article. This is a detailed write-up of the vulnerability I found and how the exploit really works. habr.com/en/company/dse…
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Platform Security Summit
@platformsec
|
22. lis |
|
(#platformsec19 video) The Evolution of Advanced Threats: REsearchers Arms Race — Alex Matrosov, Nvidia platformsecuritysummit.com/2019/speaker/m…
@matrosov @nvidia @halvarflake @uffeux @qrs @flothrone @coreboot_org @osfc_io @OpenComputePrj #uefi #firmware #security pic.twitter.com/dXwDbvwIMi
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Digital Security
@DSecRU
|
18. lis |
|
checkm8-arduino PoC - the checkm8 port for Arduino and USB Host Shield. github.com/DSecurity/chec… #Checkm8 pic.twitter.com/T5SA2AZf0d
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
|
Peter Bosch
@peterbjornx
|
11. lis |
|
I've started writing a series of articles about reverse engineering the Management Engine, I've just uploaded the first two: pbx.sh/intelme-sw1/, and pbx.sh/intelme-sw2/
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
|
axi0mX 🌧️📲
@axi0mX
|
27. ruj |
|
EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip).
github.com/axi0mX/ipwndfu
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Intel STORM
@IntelSTORMTeam
|
26. ruj |
|
We've just released a new paper "New Memory Type Against Speculative Side-Channel Attacks". Read it here: bit.ly/nonspecmemtype @wildsator @bsdaemon @Kekai_Hu #WeAreSTORM @IntelSTORMTeam
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Piotr Bania
@PiotrBania
|
17. ruj |
|
Some new bug of mine: AMD Radeon Shader Functionality Remote Code Execution - blog.talosintelligence.com/2019/09/vuln-s… amd.com/en/corporate/p…
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
dump_stack()
@dump_stack
|
30. kol |
|
lpe is a collection of verified Linux kernel exploits.
Exploit testing is fully automated. Feel free to make a pull request with a new exploit to see it by yourself 😉
The end goal is to collect all public exploits that actually work.
github.com/jollheef/lpe
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Check Point Research
@_CPResearch_
|
20. kol |
|
[CPR-Zero] CVE-2019-1159 (Windows 10 Kernel): Use-After-Free in the GetDCEx function in win32kfull.sys.
cpr-zero.checkpoint.com/vulns/cprid-21…
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Alex Matrosov
@matrosov
|
18. kol |
|
I wrote a blog post "Breaking Through Another Side: Bypassing Firmware Security Boundaries". It's a first part of the series based on our #BHUSA research with Alexandre Gazet.
HW/FW Security != Summary of all Security Boundaries
medium.com/@matrosov/firm…
|
||
|
|
||
|
|
Alexander Ermolov
@flothrone
|
15. kol |
|
|
||
|
|
Alexander Ermolov
@flothrone
|
15. kol |
|
Does it support System Management Mode? :)
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
HITBMedia
@HITBMedia
|
14. kol |
|
@flothrone presents a flaw in the UEFI microcode loader which tricks it into downgrading the CPU microcode, opening up exploitation of patched vulnerabilities in Authenticated Code Modules and the bypassing of hardware-based trusted/measure boot #HITBGSEC gsec.hitb.org/sg2019/session… pic.twitter.com/SPBqu5o7Ed
|
||
|
|
||
| Alexander Ermolov proslijedio/la je tweet | ||
|
Mobile Security
@mobilesecurity_
|
12. kol |
|
Breaking Samsung's ARM TrustZone
#MobileSecurity #AndroidSecurity
#BHUSA2019 [SLIDES] by @quarkslab
(@pandasec_ @NeatMonster_ @patateQbool)
i.blackhat.com/USA-19/Thursda… pic.twitter.com/H3oHhk67T9
|
||
|
|
||