Don't miss the rest of today's #DEFCON32 author signings! Matt Burrough & jos weyers RCX (Locksport) at 2:30pm. Chris Eagle & Kara Nance (The Ghidra Book) at 3:30pm. Alex Matrosov (Rootkits and Bootkits) at 4:30pm. Detailed schedule + map: nostarch.com/defcon

Returned to Cupertino and restarted my FWSEC job today. Was a productive leave and I was able to resolve most of the issues that pushed me into it, but selling everything and moving over the Atlantic just to move back in 4 month is no fun, will try not to repeat this ever again.

Last week, National Institute of Standards and Technology rolled out new guidance on Post-Quantum Encryption. ⏳The clock is ticking ... “Technology managers can inventory their systems for applications that use encryption, which must be replaced before cryptographically relevant quantum computers appear."

The question is whether this key is reused (like the Intel Boot Guard story) across the Intel ecosystem or rotates per CPU generation or product line🍿 Confidential computing? 🔥

Thanks to BINARLY🔬 for Sponsoring #OST2 at the Gold🥇 level! Learn more about them here: binarly.io

We are thrilled to make Chiba public, a centralized management system PoC for racks running OpenBMC. We believe this initiative will enhance transparency within the OEM supply chain. Patch are welcomed! github.com/hardenedlinux/… Roy Mu 💙💛 Open Source Firmware Conference Open Source Firmware Foundation #chiba #openbmc

We believe in giving back to the research community that drives progress! We are proud to support OpenSecurityTraining2 in advancing security education and knowledge sharing.

🎉 The all-new Binarly Transparency Platform v2.5 introduces Reachability Analysis to help security teams prioritize vulnerabilities by analyzing the potential reach and impact of exploitable code paths. A game-changer in software security! binarly.io/blog/introduci…

Wohoo! BINARLY🔬 has just released 2.5 of their platform with some major new capabilities like reachability analysis, custom rules , secret discovery and cryptographic asset discovery, and container support. youtu.be/4TG6X1WjWH4?si…

Most products that detect secrets do little more than a ‘strings’ looking for certificates and high entropy data. BINARLY🔬 actually does reachability analysis which cuts down on the noise substantially enabling you to focus on what matters.

🎤 Excited to announce Zaolin's demo at Dasharo vPub: "@Binarly_io Risk Hunt: Finding Firmware Vulnerabilities in the Wild!" #Dasharo #FirmwareSecurity #Binarly #RiskHunt #CyberSecurity #Firmware #VulnerabilityHunting 📄 More info: buff.ly/4dPT6af

Zaolin BINARLY🔬 Philipp will showcase the latest updates to Binarly's Risk Hunt platform and demonstrate its capabilities. 🗓️ Sep 12, 19:00 UTC 🎟️ Sign up: buff.ly/47dBUJk

🚨NEW: "PKfail Two Months Later: Reflecting on the Impact." by Fabio Pagani Based on pk.fail data 📈 🖥️10,095 unique firmware images uploaded 🔥791 of which contained an untrusted PK 🛟9304 is safe 💥8.5% vulnerable rate 🔬Full report: binarly.io/blog/pkfail-tw…

Secure Boot-neutering PKfail debacle is more prevalent than anyone knew arstechnica.com/?p=2050182

More updates will be coming tomorrow at the #LABScon stage. The problems related to the test and non-production keys are much bigger than we initially thought.

NEW! Repeatable Failures: Test Keys Used to Sign Production Software…Again? 🔥Full details: binarly.io/blog/repeatabl…

The Qubes OS Summit 2024 has officialy started! We’d like to extend our gratitude once more to our Platinum Sponsors, Freedom of the Press Foundation and Mullvad.net for their unwavering support! Don't forget, you can still grab your virtual pass here: buff.ly/3MLiS3E

I chatted with Zaolin from BINARLY🔬 about firmware vulnerabilities, reverse engineering binaries, and the challenges in responsible disclosure. Don't miss this deep dive into firmware security! Listen here: vpetersson.com/podcast/S01E20…

Our REsearch team is thrilled about the new IDA v9.0! #efiXplorer is fully compatible with v9.0 and still supports IDA v8.4🚀 🔬github.com/binarly-io/efi… We are thrilled to announce IDAlib — idiomatic Rust bindings for the IDA SDK 🎉 Kudos to Sam Thomas! ⚙️github.com/binarly-io/ida…