Alex Matrosov (@matrosov)'s Twitter Profile
Alex Matrosov

@matrosov

🔬Founder & CEO @Binarly_io, #codeXplorer, #efiXplorer, @REhints and "Rootkits and Bootkits" book. Previously worked at Nvidia, Cylance, Intel, ESET, Yandex.

ID:15426077

https://binarly.io | 14-07-2008 13:01:52

8,7K Tweets

18,1K Followers

2,0K Following

BINARLY🔬(@binarly_io) 's Twitter Profile Photo

Fresh from Binarly REsearch team: We’ve completed an in-depth analysis of the #XZbackdoor, from initialization to the main hook enabling remote access.

Dive into our validated breakdown of techniques and backdoor functionalities, complete with proofs.
github.com/binarly-io/bin…
Ryan Naraine(@ryanaraine) 's Twitter Profile Photo

🎧🔥 New pod advisory: I spent time with Cris Neckar on the early days of hacking at Neohapsis, time on the Google Chrome security team, shenanigans at Pwn2Own/Pwnium, the cat-and-mouse battle for browser exploit chains, and more...

LISTEN: podcasts.apple.com/us/podcast/cri…

Alex Matrosov(@matrosov) 's Twitter Profile Photo

Binarly advisories are up and documenting detailed guidance for the security community, as always.

OOB Read in BMC firmware - Medium (CWE-125)
🔥BRLY-2024-002 binarly-io.webflow.io/advisories/brl…
🔥BRLY-2024-003 binarly-io.webflow.io/advisories/brl…
🔥BRLY-2024-004 binarly-io.webflow.io/advisories/brl…

BINARLY🔬(@binarly_io) 's Twitter Profile Photo

NEW! In this blog, we discuss how our REsearchers discovered massive supply chain security failures in the AMI BMC ecosystem.

The silent Lighttpd security fix from 2018 impacted many device vendors, including Intel, Lenovo, Supermicro, and many others.

binarly.io/blog/lighttpd-…

BINARLY🔬(@binarly_io) 's Twitter Profile Photo

As always, this is an amazing lineup! It's great to see so much attention to firmware and hardware security this year.

stacksmashing(@ghidraninja) 's Twitter Profile Photo

Come see how I used my jerry-rigged “EMBite” probe to capture an EM side-channel using a HackRF.

I used this to figure out the precise timing of where a completely unknown boot check fails - and then used that timing to bypass the check 😁

offensivecon(@offensive_con) 's Twitter Profile Photo

How to Fuzz Your Way to Android Universal Root: Attacking Android Binder by Eugene Rodionov, Zi Fan Tan and Gulshan Singh offensivecon.org/speakers/2024/…

Alex Matrosov(@matrosov) 's Twitter Profile Photo

Our xz.fail scanner generically detects the ifunc implantation technique on any ELF file and could spot other projects implanted by the same technique. API is open and bulk scans are welcome!

The uploads we face contain all shades of file manipulations and…

Alex Matrosov(@matrosov) 's Twitter Profile Photo

I'm not sure if someone noticed, but @HexRaysSA IDA shows a warning on the ifunc implantation technique used by #xzbackdoor, highlighting unusual relocation table manipulations. This warning shows only on implanted files🚪
blasty(@bl4sty) 's Twitter Profile Photo

some people asked for the code .. so I decided to quickly refactor my scrappy paramiko script and turned it into an ssh agent implementation that works with a vanilla openssh client that has a single line patched out. github.com/blasty/JiaTans…

Ryan Naraine(@ryanaraine) 's Twitter Profile Photo

🔥 NEW! For your earholes this weekend: Costin Raiu joins the XZ backdoor investigation

Listen securityconversations.com/episode/costin…
