Kinibi TEE: reaching arbitrary code execution in a Trusted App synacktiv.com/posts/exploit/…

Here are the slides for my talk last week Insomni'hack "Building a Flexible Hypervisor-Level Debugger" drive.google.com/open?id=1ZMUsz…

The main objective of EXFILES project is to improve Law Enforcement Agencies techniques and methods, to extract digital evidence from modern encrypted smartphones used by criminals based on holistic approach (both software and hardware). #exfiles #h2020 #horizon2020 #euvation

In our latest blog post we exploit CVE-2020-11256 in order to achieve arbitrary code execution in QSEE, Qualcomm's TEE, on IPQ40xx-based devices. We modified the MMU's L1 translation table to execute directly from non-secure memory! raelize.com/blog/qualcomm-…

My article (in French) in MISCmag about the chip Titan M is now freely available. Check it out if you want to know more about how the chip communicates with Android. connect.ed-diamond.com/MISC/misc-114/…

Les résultats du challenge #Cybersécurité DG’hAck 2021 sont là ! Bravo aux + de 1000 participants qui ont relevé le défi & rendez-vous l’année prochaine! (ou dans les prochains jours pour les gagnants!) Les solutions des challenges ici ➡️ dghack.fr #CohésionDéfense

Exploiting Dirty Pipe on Android Two publications, both use similar techniques without additional vulnerabilities. 1. Notes and an exploit by polygraphene: github.com/polygraphene/D… 2. Slides by Giovanni Rocca Giovanni Rocca: docs.google.com/presentation/d…

La Gendarmerie nationale démantèle une organisation criminelle internationale facilitant le vol de véhicules par piratage - interpellation coordonnée de 31 individus - enquête menée par #ComCyberGend sous l'autorité du parquet cyber de la JUNALCO 1/2👇 bfmtv.com/police-justice…

Thanks to everyone for this awesome conference #HEXACON2022

0-Day Insights - Deep Dive: Qualcomm MSM Linux Kernel & ARM Mali GPU 0-day Exploit Attacks of October 2023 zerodayengineering.com/insights/qualc… (by Alisa Esage Шевченко)

Full Chain Baseband Exploits. Details of the baseband and baseband-to-AP pivot vulnerabilities, exploitable for RCE, chained together at the same time ▶️Part 1: labs.taszk.io/articles/post/… ▶️Part 2:labs.taszk.io/articles/post/… ▶️Part 3: labs.taszk.io/articles/post/… Taszk Security Labs Daniel Komaromy

⚡️0-Day Insights: Vmware Critical Security Advisory for ESXi, Workstation, Fusion hypervisors 1. Vmware just released security patches for four critical vulnerabilities that affect their entire core hypervisor stack: CVE-2024-22252, CVE-2024-22253, CVE-2024-22254,

Nous recrutons dans notre équipe. Si vous avez des compétences en RE, souhaitez travailler au profit de la Gendarmerie en tant qu'expert judiciaire et manager une équipe de passionnés : …stereinterieur-career.talent-soft.com/Pages/Offre/de… (rt apprécié)

🎥 TF1 est revenu sur le rôle clé des experts du Forces cyber du ministère de l'Intérieur lors d'une opération judiciaire internationale visant les utilisateurs de la messagerie chiffrée "Ghost". Une expertise qui a permis d'infiltrer des📱pourtant réputés impossibles à pirater... 💪 tf1.fr/tf1/jt-20h/vid…

Gal Beniamini And wrote a script to decrypt all keystore keys. This can also be used to bruteforce the FDE passphrase off the device! (2/2)

Awesome ! x.com/laginimaineb/s…

blog.cr4.sh/2016/06/explor… PRx bypass

Samsung security: No scrypt, single iteration hmac_sha512. Offline bruteforcing hw crypto. Seriously ? Even Google did a better job.

b370c7d85476823ef83d3991cb8078b954c3a8ffe7f2437ea23c4c7ea72a66544644b869849e4635dfbf74824a61a733

Project Zero blog: "Over The Air - Vol. 2, Pt. 3: Exploiting The Wi-Fi Stack on Apple Devices" by Gal Beniamini - googleprojectzero.blogspot.com/2017/10/over-a…