Joanna Rutkowska on Twitter: "Attacking #IntelME by @h0t_max & @_markel...
source link: https://twitter.com/rootkovska/status/938458875522666497
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Conversation
Attacking #IntelME by
&
at #BHEU 1. Requires malformed file on SPI flash (needs physical access or bug in BIOS) 2. Bug in early-loaded module, so ME "disabling" by HAP is not a cure 3. Culprit is classic(!) stack overflow 4. Full code exec in ME Congrats!
Recommend
-
86
Maxim Goryachy on Twitter: "Game over! We (I and @_markel___ ) have obtained fully functional JTAG for Intel CSME via USB DCI. #intelme #jtag #inteldci https://t.co/cRPuO8J0oG" Don’t miss what’s happeningPeople on Twi...
-
80
yrp604/atc-sources master
-
38
msdat - MSDAT: Microsoft SQL Database Attacking Tool
-
8
How to Talk so Little Kids Will Listen by Joanna Faber and Julie King Sandor Dargo 1 day ago2021-04-17T00:00:00+02:00I just finished filling up my kindle with books enough probably for the whole year ba...
-
10
Part 3: The Golden Pulse Secure SSL VPN RCE Chain, with Twitter as Case Study! Attacking SSL VPN - Part 3: The Golden Pulse Secure SSL VPN RCE Chain, with Twitter as Case Study! Author: Orange Tsai(
-
10
Tensions between IT teams and employees working from home threaten the security of organizations, with attempts to increase or update security for remote working regularly rebuffed in the name of business continuity. HP Inc. CISO Joanna Burke...
-
6
Interview - Thought-provoking Conversation With AI Expert, Joanna Bryson ...
-
6
“Attrition” – a guest post by Joanna Hardy-Susskind 22nd July 2022 The guest post below by Joanna Hardy-Susskind is a remarkable...
-
9
Credit:
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK