🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Today we're[+Mark Ermolov and Dmitry Sklyarov]disclosing the technique allowing to modify #Intel #Microcode on the fly! For the first time you have the ability to intercept control flow at such a low level. We've developed the microcode patch that changes the processor model string as PoC

Guest story on how-to check the strength of your user’s AD passwords using open source tools #domainsecurity #adsecurity #passwordspraying cyberlands.io/adpasswordspra…

In Oct 2020, we discovered seven 0-day exploits in-the-wild from two exploit servers. The exploit chains targeted Android, Windows, and iOS devices. Each step we take towards making 0-day hard, makes all of us safer. googleprojectzero.blogspot.com/2021/03/in-wil…

Wow, we (+Maxim Goryachy and Dmitry Sklyarov) have found two undocumented x86 instructions in Intel CPUs which completely control microarchitectural state (yes, they can modify microcode)

In the last part of the Chrome beta + Android full chain series, I'll use a Chrome WebAudio UAF I reported last September (which turned out to be a bug collision) to gain RCE in the renderer sandbox. securitylab.github.com/research/one_d…

[1/4]People ask us (+Dmitry Sklyarov and Mark Ermolov) for details about undocumented crbus instructions. We recorded the demo showing that for access to crbus requires only execute arbitrary code with root/admin privilege. (details below)

New article "How we bypassed bytenode and decompiled Node.js (V8) bytecode in Ghidra" by our researcher Sergey Fedonin. swarm.ptsecurity.com/how-we-bypasse…

Finally, we've published the results of our three-year research of Intel Microcode, using it now you can earn up to $150,000.

r0 Crew supports #ZeroNights2021! It is a community of information security researchers. The main goal of the community is to create an environment for meetings, communication, and exchange.

Pssst, Ghidra 10.0 is out => github.com/NationalSecuri… There is debugger support now which is great, that will definitely bridge a usability gap 🧙‍♂️🌶️

Do you need to research the security of your Android app for free? Check out TOP-10 open-souce security assessment tools guide cyberlands.io/top10toolsandr… #androidsecurity #mobilesecurity #securityresearch cyberlands.io/top10toolsandr…

Do you have an iOS app and want to have its security checked? Discover 10 open-source ten tools that we love when doing the same thing for living cyberlands.io/toptoolsiosecu… cyberlands.io/toptoolsiosecu…

[LEAKED] IDA Pro 7.6 SP1 + HexRays (x86/x64/ARM/ARM64/MIPS) Some guy "gogogo" came to our telegram (t.me/r0_chat) chat and leaked IDA Pro 7.6 SP1. forum.reverse4you.org/t/leaked-ida-p… #idapro #ida #leaked #decompilers

Finally after our public talks and papers about DCI Intel officially admitted that CPU and PCH has "per-part “password” into the product through the debug interface (i.e., JTAG, I3C, USB) which is used to authenticate (and unlock)."

The ELF-file inside microcode update, Intel Atom uCode format and etc. Details in slides from our ZeroNights 2021 talk "Chip Red Pill: How we achieved to execute arbitrary [micro]code inside Intel Atom CPUs". github.com/chip-red-pill/…

Our congratulations to the winners of Hex-Rays Plugin Contest 2021!🎉🎁🎆 🥇 Tenet by 🥈 D-810 by Boris Batteux, eShard 🥉 nmips by Leonardo Galli With many excellent entries selecting just three was a real challenge. Take a look yourself: hex-rays.com/contests_detai…

🔥OFFZONE 2022 to be held in summer Hi there. It's been quite a while, but now we're back with good news: the next #OFFZONE will take place on August 25–26, 2022. Follow us and stay tuned :) offzone.moscow

IDA PRO 7.7 SP1 LEAKED AGAIN! For more info check out our chat: t.me/r0_chat #idapro #ida #leaked #tools #reverse #decompilers

OFFZONE 2022, August 25–26 Early bird tickets are now on sale: - ₽8,500 individual rate - ₽13,500 corporate rate - ₽4,500 for holders of student IDs - +₽7,000 admission to the Speaker Party Your OFFZONE 2020 ticket is still valid. Buy tickets bit.ly/3vaZpBh

OFFZONE 2022, August 25–26