A practical approach to IoT devices vulnerability research Series (2021) by Ruben Santamarta (IOActive Labs) Part 1: labs.ioactive.com/2021/02/a-prac… Part 2: labs.ioactive.com/2021/02/a-prac… Part 3: labs.ioactive.com/2021/02/a-prac… #iot

Tutorial on EV charger firmware extraction, analysis, and Emulation github.com/onekey-sec/BHE… #embedded #cybersecurity

Firmware encryption bypass on ESP32 (side channel attacks) courk.cc/breaking-flash… #infosec #espressif

Collision! Dong, 남훈, Jaeho Jeong, 정상수, and nonetype of 78ResearchLab hit a one‑vulnerability collision against the Alpine iLX‑F511, earning $5,000 USD and 1 Master of Pwn point. #Pwn2Own #P2OAuto

As if competing in #Pwn2Own isn’t pressure enough, imagine being on stage in front of your professor as well! The team from 78ResearchLab is doing just that as the successfully target the Phoenix Contact CHARX. Well done! #P2OAuto

Verified! 김동희 and kjg of Team K exploited two vulnerabilities - an out-of-bounds read and a stack-based buffer overflow - against the Alpine iLX-F511, earning $10,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

Another Collision! Dong, 남훈, Jaeho Jeong, 정상수, nonetype of 78ResearchLab targeted the Phoenix Contact CHARX SEC‑3150, chaining four bugs (two unique and two collisions) to earn $15,000 USD and 3 Master of Pwn points.

Collision! Dong, 남훈, Jaeho Jeong, 정상수, and nonetype of 78ResearchLab targeted the Kenwood DNR1007XR, exploiting one n-day vulnerability along with two collisions to earn $2,500 USD and 1 Master of Pwn point. #Pwn2Own #P2OAuto

"From Zero to QEMU: A journey into system emulation" (slide deck by Antonio Nappa) docs.google.com/presentation/d… #infosec #qemu

“Reverse engineering Realtek RTL8761B* Bluetooth chips, to make better Bluetooth security tools & classes” (slide deck by Xeno Kovah) darkmentor.com/publication/20… #infosec

UART access and command injection on the Nokia Beacon 1 router by spaceraccoon.dev/nokia-beacon-r… #iot #infosec

VulHunt: vulnerability detection framework by BINARLY🔬 github.com/vulhunt-re/vul… Accompanying blog series: binarly.io/blog/vulhunt-i… binarly.io/blog/vulhunt-i… binarly.io/blog/vulnerabi… binarly.io/blog/vulhunt-i… binarly.io/blog/agentic-v… #infosec