Twitter | Pretraživanje | |
Ulf Frisk
IT-Security Minion | DMA Hacker | | PCILeech | MemProcFS
1.626
Tweetovi
731
Pratim
4.508
Osobe koje vas prate
Tweetovi
Ulf Frisk proslijedio/la je tweet
Eclypsium 30. sij
Eclypsium published new research exposing vulnerabilities to DMA attacks in laptops from HP and Dell. Our principal researchers, and show that high speed DMA attacks can bypass hardware protections on enterprise devices.
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk proslijedio/la je tweet
Joseph Cox 27. sij
New: leaked documents, data, contracts show how hugely popular antivirus Avast now harvests internet browsing data and sells it for millions of dollars. Clients included Home Depot, Google, Microsoft. Documents show a product called "All Clicks Feed"
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk proslijedio/la je tweet
Luca Marcelli 26. sij
Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch!
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 26. sij
Anyone know if there are plans for nested Hyper-V on AMD/EPYC/Ryzen?
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk proslijedio/la je tweet
Joe Fitz 23. sij
I was hoping to give the first peek at some new research on attacking high speed interfaces at , and they were kind enough to accept! See you in Barcelona...
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 22. sij
Odgovor korisniku/ci @Test89045914
Sure, just send me a DM :)
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 21. sij
Odgovor korisniku/ci @SkelSec
haha, yeah, mbe I should get that one instead 😀 CPU is huge
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 21. sij
Got myself a new AMD 😀 can't wait to try it out! Hopefully cooler will arrive tomorrow...
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk proslijedio/la je tweet
—(÷[ Nate Warfield speaking @ BlueHat IL ]÷)— 20. sij
- I’ve been waiting to announce this all month; I’ll be crossing another conference off my speaking bucket list in ~2wks when I go onstage at ! I’ve been waiting for this for 2+ years - I might be a little excited about it 🤩
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 20. sij
Odgovor korisniku/ci @n0x08 @BlueHatIL
Huge Congratz man, BlueHatIL is such an awesome event! Had an awesome time speaking last year 😀
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 19. sij
Odgovor korisniku/ci @SandboxBear
totally agree on the now mitigated hardlinks. they are less interesting now. I understand why ppl are doing it tho. a cve looks nicer on the cv than no cve...
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 19. sij
Odgovor korisniku/ci @SandboxBear
a bug can sometimes be interesting and worthy of a write-up even tho it might not exist in the latest and greatest. regardless of cve and bounty.
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk proslijedio/la je tweet
Yarden Shafir 16. sij
After a lot of work and some crypto-related delays, I couldn't be more proud to publish 's and mine latest research - The complete overview of CET internals on Windows (so far!):
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk proslijedio/la je tweet
SwiftOnSecurity 14. sij
COMMENTARY ON CVE-2020-0601: I have been speaking to several players on this on background and there are a few things they want to highlight / clarify based on the public discourse so far.
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk proslijedio/la je tweet
—(÷[ Nate Warfield speaking @ BlueHat IL ]÷)— 14. sij
- here it is folks. The first sentence is key; this is not remote, not code execution, not "MS17-010 bad". Should you patch? Absolutely. Is it the end of computers as we know it? Lol, no, not even close.
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 7. sij
Odgovor korisniku/ci @r3zayn
maybe, I have not looked into it, I don't really support it any more coz of the horribly outdated dev environment. I'm not going to do it tho. But the ScreamerM2 is a quite nice board...
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 7. sij
Odgovor korisniku/ci @Stoworow
no, I'm not aware, I have not looked into it into detail yet, but you'll be able to get most PCIe TLP packets onto other computers USB as-is now.
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 7. sij
Odgovor korisniku/ci @UlfFrisk
It's also possible to configure FPGA PCIe core to receive most config packets on software interface - mbe it's even possible to emulate a device in software (not implemented tho).
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 7. sij
Odgovor korisniku/ci @UlfFrisk
Rebuild and flash FPGA to activate custom configspace (recommended), or activate on pre-built bitstream by calling LeechCore library API (less recommended).
Reply Retweet Označi sa "sviđa mi se"
Ulf Frisk 7. sij
PCILeech FPGA custom PCIe configspace now supported! Mimic real devices more closely for research purposes 😈 Also, code signing of binaries.
Reply Retweet Označi sa "sviđa mi se"