Week 27 In Review – 2016

Resources Exploring and exploiting Lenovo firmware secrets - blog.cr4.sh Hi, everyone! In this article I will continue to publish my research of Lenovo ThinkPad’s firmware. Previously I shown how to discover and exploit SMM callout vulnerabilities on example of SystemSmmAhciAspiLegacyRt UEFI driver 1day vulnerability. Also, I introduced a small toolkit called fwexpl that provides API for comfortable development of firmware [...]

Week 9 In Review – 2015

Resources BSides Tampa 2015 Videos – irongeek.com These are the videos from the BSides Tampa conference. You can watch and download the videos from here. Gemalto presents the findings of its investigations into the alleged hacking of SIM card encryption keys by Britain's Government Communications Headquarters (GCHQ) and the U.S. National Security Agency (NSA) – gemalto.com The [...]

Week 8 In Review – 2015

Resources Equation Group: The Crown Creator of Cyber-Espionage – kaspersky.com Kaspersky Lab’s experts can confirm they have discovered a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades – The Equation Group. Russian researchers expose breakthrough U.S. spying program – reuters.com The U.S. [...]