#firmwarebleed search results
⚡️You don't want to miss our #FirmwareBleed talk with @_zaolin_ tomorrow at #OSFC2022. When it comes to firmware supply chain security, the industry constantly failing. #FwHunt binarly.io/posts/Firmware… osfc.io/2022/talks/fir…
🔥The inconsistency in applying mitigations indicates a failure in the firmware supply chain when reference code from Intel and AMD contains mitigations but device vendors have not adopted them as intended. #FirmwareBleed 🔬Trust but verify! #FwHunt binarly.io/posts/Firmware…
New Study Finds Most Enterprise Vendors Failing to Mitigate Speculative Execution Attacks thehackernews.com/2022/07/new-st… #supplychain #cybersecurity #firmwarebleed
It took almost two years for #FirmwareBleed to be accepted by Intel as a security issue. This industry badly needs a radical push by more strict compliance regulations on (in)secure by design. intel.com/content/www/us…
⛓️Thank you @IntelSecurity for fixing the incomplete RSB stuffing SMM mitigation (#FirmwareBleed/CVE-2022-38087). 💥BRLY: binarly.io/advisories/BRL… 💥Intel: intel.com/content/www/us… 💥IBM: ibm.com/support/pages/… 💥Dell: dell.com/support/kbdoc/… 🔬Details: binarly.io/posts/Firmware…
#FirmwareBleed — A new study has highlighted an " industry failure" to adopting mitigations for "Speculative Execution" attacks released by #AMD and Intel, posing a firmware supply chain threat. thehackernews.com/2022/07/new-st… #infosec #cybersecurity #hacking #malware
The speculative execution bugs like #Zenbleed are not rare and break confidential computing by design. We have been working with device vendors for over a year to fix #FirmwareBleed/CVE-2022-38087. Stay tuned for new AMD-specific REsearch at #LABScon23! binarly.io/advisories/BRL…
binarly.io
[BRLY-2022-028] Absence or incomplete applying the Return Stack Buffer (RSB) stuffing mitigation...
Binarly REsearch Team discovered that most enterprise vendors are affected by not correctly applying the Return Stack Buffer (RSB) stuffin...read more
I'm very proud of the REsearch we conducted together with @AlexTereshkin and @Adam_pi3 last year on Intel BSSA DFT bug (this slide is part of it). However, we have not seen much adoption of these mitigations in the wild. The #FirmwareBleed has also been skipped by the industry.
The INTEL-SA-00706 should also address #FirmwareBleed and acknowledge @Binarly_io on discovering this issues at scale. #FirmwareBleed is only confirmed in this advisory as a legitimate problem (github.com/binarly-io/Vul…).
Glad to see that Intel updated their rsb stuffing guidance with way more comprehensive information including the need at vmenter as we have reported: intel.com/content/www/us… #Openness
intel.com
Retpoline: A Branch Target Injection Mitigation
Technical deep dive on using the retpoline software construct to help mitigate branch target injection (Spectre v2) cross-domain transient execution attacks
It took almost two years for #FirmwareBleed to be accepted by Intel as a security issue. This industry badly needs a radical push by more strict compliance regulations on (in)secure by design. intel.com/content/www/us…
The speculative execution bugs like #Zenbleed are not rare and break confidential computing by design. We have been working with device vendors for over a year to fix #FirmwareBleed/CVE-2022-38087. Stay tuned for new AMD-specific REsearch at #LABScon23! binarly.io/advisories/BRL…
binarly.io
[BRLY-2022-028] Absence or incomplete applying the Return Stack Buffer (RSB) stuffing mitigation...
Binarly REsearch Team discovered that most enterprise vendors are affected by not correctly applying the Return Stack Buffer (RSB) stuffin...read more
⛓️Thank you @IntelSecurity for fixing the incomplete RSB stuffing SMM mitigation (#FirmwareBleed/CVE-2022-38087). 💥BRLY: binarly.io/advisories/BRL… 💥Intel: intel.com/content/www/us… 💥IBM: ibm.com/support/pages/… 💥Dell: dell.com/support/kbdoc/… 🔬Details: binarly.io/posts/Firmware…
⚡️You don't want to miss our #FirmwareBleed talk with @_zaolin_ tomorrow at #OSFC2022. When it comes to firmware supply chain security, the industry constantly failing. #FwHunt binarly.io/posts/Firmware… osfc.io/2022/talks/fir…
The INTEL-SA-00706 should also address #FirmwareBleed and acknowledge @Binarly_io on discovering this issues at scale. #FirmwareBleed is only confirmed in this advisory as a legitimate problem (github.com/binarly-io/Vul…).
Glad to see that Intel updated their rsb stuffing guidance with way more comprehensive information including the need at vmenter as we have reported: intel.com/content/www/us… #Openness
intel.com
Retpoline: A Branch Target Injection Mitigation
Technical deep dive on using the retpoline software construct to help mitigate branch target injection (Spectre v2) cross-domain transient execution attacks
I'm very proud of the REsearch we conducted together with @AlexTereshkin and @Adam_pi3 last year on Intel BSSA DFT bug (this slide is part of it). However, we have not seen much adoption of these mitigations in the wild. The #FirmwareBleed has also been skipped by the industry.
🔥The inconsistency in applying mitigations indicates a failure in the firmware supply chain when reference code from Intel and AMD contains mitigations but device vendors have not adopted them as intended. #FirmwareBleed 🔬Trust but verify! #FwHunt binarly.io/posts/Firmware…
#FirmwareBleed — A new study has highlighted an " industry failure" to adopting mitigations for "Speculative Execution" attacks released by #AMD and Intel, posing a firmware supply chain threat. thehackernews.com/2022/07/new-st… #infosec #cybersecurity #hacking #malware
New Study Finds Most Enterprise Vendors Failing to Mitigate Speculative Execution Attacks thehackernews.com/2022/07/new-st… #supplychain #cybersecurity #firmwarebleed
⚡️You don't want to miss our #FirmwareBleed talk with @_zaolin_ tomorrow at #OSFC2022. When it comes to firmware supply chain security, the industry constantly failing. #FwHunt binarly.io/posts/Firmware… osfc.io/2022/talks/fir…
🔥The inconsistency in applying mitigations indicates a failure in the firmware supply chain when reference code from Intel and AMD contains mitigations but device vendors have not adopted them as intended. #FirmwareBleed 🔬Trust but verify! #FwHunt binarly.io/posts/Firmware…
Something went wrong.
Something went wrong.
United States Trends
- 1. Good Monday 23.5K posts
- 2. Steelers 53.5K posts
- 3. #ITZY_TUNNELVISION 32.4K posts
- 4. Mr. 4 4,739 posts
- 5. #MondayMotivation 29K posts
- 6. Rudy Giuliani 13.4K posts
- 7. Resign 115K posts
- 8. Chargers 38.7K posts
- 9. Schumer 235K posts
- 10. #Talus_Labs N/A
- 11. Happy Birthday Marines 3,229 posts
- 12. Tomlin 8,409 posts
- 13. 8 Democrats 10.6K posts
- 14. Rodgers 21.6K posts
- 15. Tim Kaine 23.2K posts
- 16. Sonix 1,434 posts
- 17. Voltaire 9,252 posts
- 18. Angus King 19.2K posts
- 19. #BoltUp 3,134 posts
- 20. The BBC 406K posts