Now, you can see the Hall of Fame of the Samsung Mobile Security Rewards Program. security.samsungmobile.com/hallOfFameInfo…

We just released FitM, the Fuzzer in the Middle!🎉🎉 Together with otto, Liikt and mmunier we added snapshotting and a network emulator to qemuafl. It fuzzes multiple stages of client-server interactions independently. Paper @ BAR'22, Code here: github.com/FGSect/FitM

I know Ange since the Rosetta Flash days, and can totally vouch for his reverse engineering / file format wizardry. Just look at one of his workshops (pinned tweet). He's looking for a remote job. Let's help him.

#OffensiveCon22 talks are now up on our YouTube channel! enjoy :) youtube.com/playlist?list=…

"A lot of ROMs are open source, you just need an exploit" - Carlo Mara😂

Attacking Titan M with Only One Byte Code execution and exfiltration of encryption keys from Google Pixel phone's Secure Element now being presented by Damiano Melotti and Maxime Rossi Bellom at Black Hat #BHUSA Full details are now public in their blog post: blog.quarkslab.com/attacking-tita…

Some Pixel users are upset by the fact that the Pixel 6 cannot revert from Android 13 back to Android 12. I thought it might be helpful to write a short thread on anti-rollback counters, what they are and why they should be used a lot more. 🧵 1/7

#OffensiveCon23 will take place on the 19th-20th of May 2023. Stay tuned for further updates!

New writeup about an unlocked TSEG in the Acer Swift 3 model, resulting in full SMM access: labs.ioactive.com/2022/11/explor… You can verify if your system is properly locked with Platbox: github.com/IOActive/Platb… IOActive, Inc #Acer #SMM #AMD #firmware Krzysztof Okupski n3k droogie

#OffensiveCon23 CFP is now officially open! cfp.offensivecon.org Don't wait until the last minute to submit!

Seems I will be there again 😁

My dear humans and non-humans, I present to you the speakers for #OffensiveCon23 offensivecon.org/speakers/

Join me on my journey of finding 2 critical vulnerabilities in the months after the Pixel 6 was launched 😁 I’m very excited to be part of such amazing lineup again!

Slide-deck of our talk at BH USA 2023 on attacking & securing Pixel modem are available at i.blackhat.com/BH-US-23/Prese… Farzan Karimi, Xuan & Xiling

New (explicit) addition to Android's VRP: pivot from bare-metal firmware (basebands?) to the main OS! source.android.com/docs/security/…

We are looking forward to make Fault Injection art offensivecon ! 🥳 Pew Pew Pew!

Well, it really looks legit... 🙈

More news, as I already told many last weekend / week, my team is expanding to Amsterdam! So if you want to do Offensive research on Pixel devices, ping me! google.com/about/careers/…

A big honor to coauthor with abcSup and Gulshan the very first blog from Android Red Team on analysis and exploitation of CVE-2023-20938 in Android Binder driver at androidoffsec.withgoogle.com/posts/attackin… 🔥 The slide-deck presented at offensivecon is available at androidoffsec.withgoogle.com/posts/attackin…

Happy and proud to share that our work on the AMD Sinkclose vulnerability has been published by Wired wired.com/story/amd-chip…