Yuriy Bulygin
@c7zero
Followers: 4K | Following: 2K | Media: 73 | Statuses: 3K
@eclypsium, @CHIPSEC. Former @intel, @IntelSecurity, @McAfee
Joined April 2010
I've got some really cool gift recently... UEFI Petya PoC: https://t.co/NH0XgugFHB 😁
The BadCAM research has been published! Why is this significant? Attackers can now weaponize connected USB peripherals that run Linux and do not validate firmware signatures.
If you use llamafile, llama.cpp, llama-cpp-python, Oobabooga, LMStudio or any other software that exposes llama.cpp grammar sampling, I found a few remotely exploitable bugs triggered through a single web request that got patched today. More to come from my work at @Eclypsium
found a critical bug that exists in every Linux boot loader signed in the past decade 🥰 https://t.co/kjATsR4uvJ
I've been getting to know Bluetooth recently, and it is a scary place :)
Added #downfall detection via content update
A recent update to the Eclypsium platform allows customers to detect one of the latest hardware attacks against Intel processors dubbed "Downfall." Downfall allows attackers to steal data from other processes, such as cryptographic keys. Fixes are available for certain platforms.
I found a remote(-ish) memory corruption bug in Intel's BIOS. Bluetooth HID Report parsing is yucky https://t.co/8s0uQGMo4z
nccgroup.com
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
Hundreds of models of Gigabyte motherboards, used in gaming and other high-performance computers, have a backdoor in their firmware that invisibly downloads code to the machine at startup—and does so insecurely, leaving the feature open to abuse.
wired.com
Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.
Eclypsium analysis found a backdoor in Gigabyte systems implementing intentional functionality during system startup. Due to significant #supplychainrisk, we're disclosing this info & defensive strategies on an accelerated timeline >> https://t.co/HgmUUmFPq2
#supplychainsecurity
eclypsium.com
Eclypsium Research discovers that Gigabyte motherboards have an embedded backdoor in their firmware, which drops a Windows executable that can download and execute additional payloads insecurely. The...
Attention anyone having an MSI motherboard or computer. MSI just said they were hacked and attackers might have tried modifying BIOS and software updates. Disable all updates from MSI for the time being https://t.co/7bm7yYT0Nv
pcmag.com
The ransomware group is reportedly demanding $4 million or it will leak the stolen data, which includes company source code.
Such a loss :(
It is with profound sadness that we mourn the loss of our friend and mentor, @aloria. Kelly had an indomitable spirit, and our world is a bit darker without her.
New release: #TinyTracer v2.3 : https://t.co/Ajq09c2TUQ - with improved syscalls tracing support - now syscalls are automatically mapped to corresponding functions names
It's no surprise that supply chain security has become a top national priority. In its recently-published SP 1800-34, NIST hones in on one of the most important, challenging aspects of #supplychainsecurity — devices. Here, we highlight the key takeaways.
eclypsium.com
Today, virtually every business and mission-critical task depends on complex technology supply chains, and organizations need to know for certain that these assets are authentic, unaltered, and free...
We finally released our research about an 0day RCE we found on the Western Digital PR4100 NAS device. Check it out on our NEW WEBSITE:
flashback.sh
RCE with a plot twist.
https://t.co/fFZc051E6C - I just uploaded the slides for my #BlueHat talk
Are you looking to learn about Bootkits, Rootkits, SMM or UEFI exploitation and debug? With this @_ringzer0 class you will gain hands-on experience in these and more! https://t.co/QIJl8Aspdy
#RETURN23XPLOIT #offensivesecurity #Training
Our team has discovered 3 vulnerabilities in American Megatrends, Inc. MegaRAC Baseboard Management Controller software. These vulnerabilities range in severity & include remote code execution & unauthorized device access w/superuser permissions. More here! https://t.co/Pirsj71UiR
Very proud of this latest research coming out of my team here at @eclypsium 🤘 Watch for updates coming from OEMs in the coming days & make sure your BMC network is off the internet (we scanned, didn’t find much). Lock down your internal networks & use remote syslog.
This is really awesome research from the team at Eclypsium (you likely need to patch something): https://t.co/fGHjoHhX0t