New research "A deeper UEFI dive into #MoonBounce". We discovered that CORE_DXE is quite old (Fri Jul 18 2014). We need to increase the industry awareness to FW threats and build more effective threat hunting programs with cross-industry collaboration. binarly.io/posts/A_deeper…

Curious on how to use Ghidra for reversing embedded firmware ? 🔍 Join me for two days of training on @advancedsecio platform for getting a deeper look at your embedded devices. 🕑 29 - 30 June 2022 (2 days) 🎙 Training Live Stream 🔗 advancedsecurity.training/training/live-…

Interested in what we are capable of ? Bruno will be presenting a 0-day vulnerability in the Windows 11 kernel at #Pwn2Own organized by TrendAI Zero Day Initiative ! The attempt will be streamed here at 10:30 PM CET: youtube.com/watch?v=y5kKpr… #P2O15

Success!! - On the last attempt of our 2022 #Pwn2Own Vancouver competition, Bruno PUJOS (Bruno) from REverse Tactics demonstrated a Windows 11 EoP. On to the disclosure room!

We closed the 15th edition of #Pwn2Own by demonstrating a LPE vulnerability in the Windows kernel! The vulnerability existed for almost 10 years! Thank you TrendAI Zero Day Initiative for an amazing contest and stay tuned for technical details once Microsoft has patched! #P2O15

Après 3 ans de pause, BeeRumP 2022 aura lieu le 16 septembre dans les locaux du @GroupeESIEA à Ivry ! Vous pouvez d'ores et déjà envoyer vos soumissions de rump à [email protected] (le meilleur moyen d'avoir une place 😁) !

Et de une ! Clement Rouault de ExaTrack nous fait encore une fois l'honneur d'une rump : "Chez moi ça marche" !

Today we've published Intel Microcode decryptor! It gives you an amazing opportunity for researching x86 platforms. You can understand how Intel mitigated spectre vulnerability, explore the implementation of Intel TXT, SGX,VT-x technologies! Enjoy it! github.com/chip-red-pill/…

[ZDI-22-1077|CVE-2022-34699] (Pwn2Own) Microsoft Windows win32kbase Use-After-Free Privilege Escalation Vulnerability (CVSS 8.8; Credit: @brunopujos) zerodayinitiative.com/advisories/ZDI…

The LPE vulnerability in the windows kernel we reported during #Pwn2Own 2022 in May has been patched by Microsoft on August 9: CVE-2022-34699. Leave us some time to reverse the patch and we are going to publish the technical details for the vulnerability! zerodayinitiative.com/advisories/ZDI…

So an AMD engineer and 2 Google engineers walk into a bar... and write an article about how "Hello World" in #Python works. The article turns out to be 26 pages. From Python, through C, WinAPI/Kernel, font rendering, to GPU. Enjoy! gynvael.coldwind.pl/?lang=en&id=754 asawicki.info/news_1762_hell…

Earlier this year, one of our interns found a vulnerability that affects applications using the SQLite library API. We are publicly disclosing that vuln today. blog.trailofbits.com/2022/10/25/sql…

Welcome to cbayet who is joining REverse Tactics for handling exciting security challenges and discovering new vulnerabilities!

Our team is ready for another edition of #Pwn2Own Vancouver, stay tuned for some VirtualBox VM escape and Windows elevation of privileges ! cbayet is on-site at Vancouver to meet you all !

It's a full win! During the first day of #Pwn2Own Vancouver 2024, we demonstrated a fullchain exploit that escaped from an Oracle Virtualbox's virtual machine, followed by a local elevation of privilege on the Windows 11 host!

All the vulnerabilities we used at #Pwn2Own Vancouver 2024 have been patched ! A thread of the vulnerabilities we used to escape VirtualBox and elevate privilege on the Windows host 🧵⬇️

Are you curious about the vulnerabilities we used against Oracle VirtualBox at #Pwn2Own earlier this year ? We will be at GreHack to talk about it ! Following up on last year's talk, cbayet will present tools and techniques to find and exploit vulnerabilities in hypervisors

Ready for GreHack ! This Friday, catch cbayet's talk "Attacking Hypervisors: A practical case". If you're attending, Last year's talk is a must-read for background on hypervisor security. Check it out here : reversetactics.com/publications/2…

Slides & video from our GreHack talk "Attacking Hypervisors - A Practical Case" are online! Learn how we exploited vulnerabilities to escape VirtualBox during Pwn2Own Vancouver 2024: reversetactics.com/publications/2…

Slides and video of our talk at offensivecon are already online ! Thanks to Binary Gecko for the amazing event reversetactics.com/publications/2…