Today we're[+Mark Ermolov and Dmitry Sklyarov]disclosing the technique allowing to modify #Intel #Microcode on the fly! For the first time you have the ability to intercept control flow at such a low level. We've developed the microcode patch that changes the processor model string as PoC

Wow, we (+Maxim Goryachy and Dmitry Sklyarov) have found two undocumented x86 instructions in Intel CPUs which completely control microarchitectural state (yes, they can modify microcode)

In the last part of the Chrome beta + Android full chain series, I'll use a Chrome WebAudio UAF I reported last September (which turned out to be a bug collision) to gain RCE in the renderer sandbox. securitylab.github.com/research/one_d…

[1/4]People ask us (+Dmitry Sklyarov and Mark Ermolov) for details about undocumented crbus instructions. We recorded the demo showing that for access to crbus requires only execute arbitrary code with root/admin privilege. (details below)

New article "How we bypassed bytenode and decompiled Node.js (V8) bytecode in Ghidra" by our researcher Sergey Fedonin. swarm.ptsecurity.com/how-we-bypasse…

Finally, we've published the results of our three-year research of Intel Microcode, using it now you can earn up to $150,000.

Hey man, you want some money? Join awesome #CTF by the #CyberUnit company and my friend Yegor Aushev, which will go online as a part of the @GISECDUBAI conference. Don't lose the opportunity to defeat #blueteam and make some money! Join on: thehunt.cyberunit.ae

r0 Crew supports #ZeroNights2021! It is a community of information security researchers. The main goal of the community is to create an environment for meetings, communication, and exchange.

Pssst, Ghidra 10.0 is out => github.com/NationalSecuri… There is debugger support now which is great, that will definitely bridge a usability gap 🧙‍♂️🌶️

[LEAKED] IDA Pro 7.6 SP1 + HexRays (x86/x64/ARM/ARM64/MIPS) Some guy "gogogo" came to our telegram (t.me/r0_chat) chat and leaked IDA Pro 7.6 SP1. forum.reverse4you.org/t/leaked-ida-p… #idapro #ida #leaked #decompilers

Finally after our public talks and papers about DCI Intel officially admitted that CPU and PCH has "per-part “password” into the product through the debug interface (i.e., JTAG, I3C, USB) which is used to authenticate (and unlock)."

The ELF-file inside microcode update, Intel Atom uCode format and etc. Details in slides from our ZeroNights 2021 talk "Chip Red Pill: How we achieved to execute arbitrary [micro]code inside Intel Atom CPUs". github.com/chip-red-pill/…

Our congratulations to the winners of Hex-Rays Plugin Contest 2021!🎉🎁🎆 🥇 Tenet by 🥈 D-810 by Boris Batteux, eShard 🥉 nmips by Leonardo Galli With many excellent entries selecting just three was a real challenge. Take a look yourself: hex-rays.com/contests_detai…

🔥OFFZONE 2022 to be held in summer Hi there. It's been quite a while, but now we're back with good news: the next #OFFZONE will take place on August 25–26, 2022. Follow us and stay tuned :) offzone.moscow

IDA PRO 7.7 SP1 LEAKED AGAIN! For more info check out our chat: t.me/r0_chat #idapro #ida #leaked #tools #reverse #decompilers

OFFZONE 2022, August 25–26 Early bird tickets are now on sale: - ₽8,500 individual rate - ₽13,500 corporate rate - ₽4,500 for holders of student IDs - +₽7,000 admission to the Speaker Party Your OFFZONE 2020 ticket is still valid. Buy tickets bit.ly/3vaZpBh

OFFZONE 2022, August 25–26