Alexander Ermolov

@flothrone

Security researcher. Low-level design, BIOS and other firmwares, system software

Vrijeme pridruživanja: srpanj 2017.

Tweetovi

Blokirali ste korisnika/cu @flothrone

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @flothrone

  1. proslijedio/la je Tweet
    1. velj

    I am quite exhausted from the sheer complexity of the research I have been doing, having just spoken about the ME at . Now it's your turn: Please look into it as well and post your follow-up insights! ✨👩🏻‍💻 Slides: Video will follow.

    Prikaži ovu nit
    Poništi
  2. proslijedio/la je Tweet
    21. sij

    Untrusted Roots: exploiting vulnerabilities in Intel ACMs by

    Poništi
  3. proslijedio/la je Tweet
    31. pro 2019.

    Slightly late, but here's the slides to my talk: . Contains some useful bonus slides and links, somewhere in the next few days I will add more references to prior work on this subject.

    Poništi
  4. proslijedio/la je Tweet
    19. pro 2019.

    A new set of "Mac firmware security" pages are finally out, thanks to . Check it out, it's what me and my teammates at Apple had beet working on really damn hard for the last several years.

    Poništi
  5. proslijedio/la je Tweet
    22. stu 2019.

    Check it out for more about the first-in-the-world work & Rafal Wojtczuk have done for UEFI DMA protection and UEFI sandboxing of PCIe Option ROMs

    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    24. lis 2019.

    ": The iPhone Exploit That Hackers Use to Research Apple’s Most Sensitive Code" This is what the title of this write-up would be if it was a VICE article. This is a detailed write-up of the vulnerability I found and how the exploit really works.

    Poništi
  7. proslijedio/la je Tweet
    Poništi
  8. proslijedio/la je Tweet
    18. lis 2019.

    checkm8-arduino PoC - the checkm8 port for Arduino and USB Host Shield.

    Poništi
  9. proslijedio/la je Tweet
    11. lis 2019.

    I've started writing a series of articles about reverse engineering the Management Engine, I've just uploaded the first two: , and

    Poništi
  10. proslijedio/la je Tweet
    27. ruj 2019.

    EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices. Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip).

    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    26. ruj 2019.

    We've just released a new paper "New Memory Type Against Speculative Side-Channel Attacks". Read it here:

    Poništi
  12. proslijedio/la je Tweet
    16. ruj 2019.
    Poništi
  13. proslijedio/la je Tweet
    30. kol 2019.

    lpe is a collection of verified Linux kernel exploits. Exploit testing is fully automated. Feel free to make a pull request with a new exploit to see it by yourself 😉 The end goal is to collect all public exploits that actually work.

    Poništi
  14. proslijedio/la je Tweet

    [CPR-Zero] CVE-2019-1159 (Windows 10 Kernel): Use-After-Free in the GetDCEx function in win32kfull.sys.

    Poništi
  15. proslijedio/la je Tweet
    17. kol 2019.

    I wrote a blog post "Breaking Through Another Side: Bypassing Firmware Security Boundaries". It's a first part of the series based on our research with Alexandre Gazet. HW/FW Security != Summary of all Security Boundaries

    Poništi
  16. proslijedio/la je Tweet
    14. kol 2019.

    presents a flaw in the UEFI microcode loader which tricks it into downgrading the CPU microcode, opening up exploitation of patched vulnerabilities in Authenticated Code Modules and the bypassing of hardware-based trusted/measure boot

    Poništi
  17. proslijedio/la je Tweet
    12. kol 2019.
    Poništi
  18. proslijedio/la je Tweet
    10. kol 2019.
    Poništi
  19. proslijedio/la je Tweet
    8. kol 2019.
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·