I wrote about a file format for Unreal Engine 2 games which for the last 20 years has inadvertently hidden game assets from data miners... until now :)

Exciting times! All-new Binarly Transparency Platform 3.5 is live 🚀 Full Java ecosystem visibility + enterprise-scale integration with YARA. See what your products depend on, write smarter rules, and eliminate YARA chaos. https://t.co/dQRqi324W3

This year @binarly_io has also expanded their sponsorship to the creation of a new Firmware Security Learning Path! This captures current and future plans for classes involving security in the deep-dark of firmware! But Binarly is starting to give visibility into what's going on

NEW! We hang out with OpenAI's Dave Aitel to talk about Aardvark and the exotics of LLM bug hunting Listen on Spotify: https://t.co/Q40ed48Yi6

I built a program analysis tool which identifies cryptographic algorithms in Java bytecode and wrote about it. Core logic backed by Joern and Code Property Graphs. Hat tip for the great tech @fabsx00, and shout-out to @xorpse and @yeggorv for the support

💥 We’ve just raised €1M in pre-seed funding to accelerate the development of FuzzForge. When I started FuzzingLabs, everything was bootstrapped: our audits, our trainings, our R&D. No investors, no funding. Just a passionate team obsessed with offensive security and the

🎉 Big news from the Binarly research, product and engineering teams: YARA is now fully integrated into the v3.5, bringing threat hunting and threat intelligence directly into the same environment used for product and software supply-chain security. https://t.co/qNakbPkNlS

We're officially announcing our speakers DistrictCon Year 1! Check out our incredible lineup:

🚀 New Release: Cryptographic Algorithm Identification in Java Bytecode. Our new analyzer scans JARs (and soon Android packages) to uncover algorithm usage, provide reachability insights, and report NIST 8457 compliance. Dive into the details:

Memory dumps aren’t always reliable. In “A Comprehensive Quantification of Inconsistencies in Memory Dumps” (with @balzarot), to be presented on October 20 at RAID 2025, Gold Coast, Australia, we quantify, classify, and trace how kernel activity and acquisition setups cause them.

Our @defcon'33 talk is online: https://t.co/RPY7WZx8Qz! Ever wondered how to get banned from online games without cheating? We've got you covered! Check out this talk for fun hacks tripping off modern anticheats. Joined work with @Cowtickle & @TomChothia.

⚡️UEFI system firmware still has a mitigation gap, and we measured it. We scanned 5,477 firmware images covering 2.3M+ UEFI modules with the Binarly Transparency Platform. The results are… 🔥 🧵👇 https://t.co/pZJbbgE2GV

TIL about Patina, an effort to implement core UEFI firmware components in Rust the project has a very nice github page, incl. UEFI memory safety case studies, and a view on how / where Rust can help mitigate such issues

Second recommendation (again from Microsoft): "Secure Boot: Lessons Learned and What’s Next" by Sochi Ogbuanya and Doug Flick. Great behind-the-scene look into how Microsoft is rolling out the new UEFI CA 2023 certificates. Looks trivial on paper (“just add a cert to db”), but in

First recommended talk is "Patina: UEFI in Rust" by Michael Kubacki (Microsoft). They are rewriting UEFI firmware in Rust to eliminate memory safety issues and more. Really curious to see how this effort evolves and how it'll impact IBVs, OEMs and the ecosystem in general.

We presented "Signed and Dangerous: BYOVD Attacks on Secure Boot" and "Repeatable Supply Chain Security Failures in Firmware Key Management", with latest data from the ecosystem, providing fresh insights into these issues and their impact:

Just got back from @osfc_io and @UEFIForum DevCon! Here’s a quick thread on our @binarly_io contributions and a few of my favorite presentations🧵

⛓️‍Tomorrow, Binarly REsearch is presenting the second talk "Repeatable Supply Chain Security Failures in Firmware Key Management". 🔑 Recurring issues with leaked, expired, or test signing keys used in production firmware. More details: https://t.co/hTQBsy2bI4

Microsoft just open sourced a Rust implementation of UEFI boot firmware called "Patina" this is a MASSIVE step forward in improving boot security for all. Exciting!!! https://t.co/xDXwBKyfFD

⚡️Binarly REsearch excited to present “Signed and Dangerous: BYOVD Attacks on Secure Boot” at the UEFI 2025 Developers Conference & Plugfest! @pagabuc More details: https://t.co/13b6KKIIwd