내가 좋아할 만한 콘텐츠
Slides of my #BHUSA talk Shade BIOS has been uploaded! blackhat.com/us-25/briefing… Github link is below github.com/FFRI/ShadeBIOS… Thank very much for attending my presentation! I’m sorry I wasn’t able to talk to many of you, as I was feeling unwell throughout the #BlackHatEvents
⚠️ Clevo’s UEFI firmware update packages accidentally exposed Intel Boot Guard private keys, breaking the root of trust and enabling potential malicious firmware signing. 💥VU#538470: kb.cert.org/vuls/id/538470 💥More Details: binarly.io/blog/clevo-boo…
Microsoft just open sourced a Rust implementation of UEFI boot firmware called "Patina" this is a MASSIVE step forward in improving boot security for all. Exciting!!! github.com/openDevicePart…
FFRIセキュリティの純国産エンドポイント製品「yarai」は、今回アサヒグループHDを攻撃したロシア系ランサムウェア『Qilin』を検出済みでした😆 もしアサヒ🍺がyaraiを導入していたら、あの被害は防げていた可能性がありそう。。
💾✨Imagine cracking open tiny #microSD card—not just to see whats inside, but to understand it With pin-out analysis, visual signal decoding & real exercises you’ll explore the paths data take with Michal Paczkowski at #hw_ioNL2025 👉hardwear.io/netherlands-20… #monolithicdevices
🔓List of public attacks on BitLocker github.com/Wack0/bitlocke… 🪛More info about BitPixie: neodyme.io/en/blog/bitloc… If you have an account the easiest way to decrypt is if with the recovery key found at: aka.ms/myrecoverykey (personal) portal.manage.microsoft.com (managed devices)
TEEに対して物理攻撃は現実的では無いのでカバーしなくて良いとか甘えた事を言って、各ベンダがのらりくらりと躱していたら、遂に50ドルで実現してSGXやSEV-SNPを壊滅させる攻撃が出たのを、会社の人からの伝聞で知った batteringram.eu
FFRI × NFLabs. Cybersecurity Challenge 2025は無事終了いたしました。ご参加いただいた皆様、ありがとうございました。公式Writeupと問題ファイルをこちらに公開しています。参加できなかった方もぜひチェックしてみてください。 github.com/FFRI/FFRI-NFLa… #FFRI #NFLabs #CybersecurityChallenge2025
Had a blast attending and presenting at @labscon_io for the second year in a row! If you are curious about BYOVD in UEFI, and how we at @binarly_io uncovered an incomplete patch for a Supermicro BMC bug, check out our talk slides below👇
Very excited for this CodeBlue talk, as the deeper insights into this bootkit will be explained with 40-min slides. Especially for Android bootkit but Windows rootkit also seems interesting as it uses many techniques that exisiting UEFI bootkits doesn't use (WOOT paper Table 1).
I'm happy to present at CODE BLUE 2025! It’ll cover the same topic as my USENIX WOOT talk(BOOTKITTY), but this time I’ll present deeper insights into the bootkit details I couldn’t share at WOOT. See you at CODE BLUE! codeblue.jp/en/program/tim…
他のBriefingsの発表紹介は下記の発表をまとめました - Machine Check 例外による ring 0 → ring -2 権限昇格 - BYOVB(ootloader)可能なセキュアブートバイパスの脆弱性 - BitUnlocker. Windows リカバリーの脆弱性を使って Bitlocker をバイパス
今回のエンジニアブログは Black Hat USA 2025 の登壇報告になります。 今年は中川と松尾の 2 名がそれぞれ Briefings へ登壇しましたが、まずは松尾の報告になります。 登壇経緯、当日の感想に加え、いくつかの発表をご紹介します。#ffri_research #uefi engineers.ffri.jp/entry/2025/09/…
🚨Binarly REsearchers revisit an already-patched Supermicro BMC bug and discover two new high-impact vulnerabilities that expose major gaps in software supply chains. CVE-2025-7937: bypassed “fix” for CVE-2024-10237. CVE-2025-6198: Supermicro RoT bypass. binarly.io/blog/broken-tr…
United States 트렌드
- 1. #DWTS 30.6K posts
- 2. #WWENXT 14.1K posts
- 3. #DWCS 4,840 posts
- 4. Robert 102K posts
- 5. Carrie Ann 3,447 posts
- 6. #RHOSLC 3,456 posts
- 7. Elaine 51.1K posts
- 8. Whitney 14.1K posts
- 9. #USMNT N/A
- 10. Max Muncy 2,986 posts
- 11. Dylan 31.4K posts
- 12. Roldan 1,819 posts
- 13. Young Republicans 47.4K posts
- 14. Yelich 1,343 posts
- 15. Haji Wright N/A
- 16. Politico 255K posts
- 17. Mr. Feeny N/A
- 18. Peralta 5,723 posts
- 19. Danielle 9,153 posts
- 20. Pulisic 1,200 posts
Something went wrong.
Something went wrong.