Martin Smolar (@smolar_m)'s Twitter Profile
Martin Smolar

@smolar_m

Malware researcher at @ESETResearch

ID: 823965462216245249

Joined: 24-01-2017 18:47:29

75 Tweets

336 Followers

336 Following

ESET Research (@esetresearch)

#ESETresearch reveals the first Linux UEFI bootkit, Bootkitty. It disables kernel signature verification and preloads two ELFs unknown during our analysis. Also discovered, a possibly related unsigned LKM – both were uploaded to VT early this month. welivesecurity.com/en/eset-resear… 1/5

BINARLY🔬 (@binarly_io)

🚨Secure Boot relies on revocation lists (dbx) to block malicious bootloaders, but discrepancies between the UEFI Forum & Microsoft lists create security gaps. 👉Call for a single and openly maintained revocation list -- a unified source of truth! binarly.io/blog/from-trus…

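The dbx that the Binarly post refers to is a UEFI authenticated variable whose payload is a sequence of EFI_SIGNATURE_LIST structures: a 28-byte header (SignatureType GUID, SignatureListSize, SignatureHeaderSize, SignatureSize) followed by EFI_SIGNATURE_DATA entries, each an owner GUID plus the signature data (a 32-byte hash for EFI_CERT_SHA256_GUID lists). The block below is an added example, not code from Binarly or from the linked post: a minimal parser for that layout and a set-diff of the SHA-256 entries, which is the kind of check that surfaces discrepancies between two published revocation lists. The two blobs it compares are constructed here from stand-in hashes (labelled in the code), not the contents of either real list, and the SignatureOwner GUID is arbitrary.

```python
import hashlib
import struct
import uuid

# SignatureType GUIDs from the UEFI specification.
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
# EFI_SIGNATURE_LIST header: SignatureType, SignatureListSize, SignatureHeaderSize, SignatureSize
_HDR = struct.Struct("<16sIII")


def parse_signature_lists(blob: bytes):
    """Walk concatenated EFI_SIGNATURE_LISTs (the raw dbx/db payload) and return
    a list of (sig_type, owner_guid, signature_data) tuples."""
    entries, off = [], 0
    while off < len(blob):
        if len(blob) - off < _HDR.size:
            raise ValueError("truncated EFI_SIGNATURE_LIST header at offset %d" % off)
        type_raw, list_size, hdr_size, sig_size = _HDR.unpack_from(blob, off)
        sig_type = uuid.UUID(bytes_le=type_raw)  # EFI GUIDs are stored mixed-endian
        if sig_size < 16 or list_size < _HDR.size + hdr_size or off + list_size > len(blob):
            raise ValueError("inconsistent sizes in list at offset %d" % off)
        body = blob[off + _HDR.size + hdr_size:off + list_size]
        if len(body) % sig_size:
            raise ValueError("signature data not a multiple of SignatureSize at offset %d" % off)
        for i in range(0, len(body), sig_size):
            owner = uuid.UUID(bytes_le=body[i:i + 16])
            entries.append((sig_type, owner, body[i + 16:i + sig_size]))
        off += list_size
    return entries


def is_well_formed(blob: bytes) -> bool:
    try:
        parse_signature_lists(blob)
        return True
    except ValueError:
        return False


def build_signature_list(sig_type, owner, datas):
    """Inverse of the parser; used here only to construct sample blobs."""
    sig_size = 16 + len(datas[0])
    if any(len(d) + 16 != sig_size for d in datas):
        raise ValueError("all entries in one list must have the same size")
    hdr = _HDR.pack(sig_type.bytes_le, _HDR.size + sig_size * len(datas), 0, sig_size)
    return hdr + b"".join(owner.bytes_le + d for d in datas)


def revoked_sha256(blob: bytes):
    """Hex SHA-256 values revoked by the blob. For PE images these are Authenticode
    (PE image) hashes, not sha256 over the raw file bytes."""
    return {d.hex() for t, _, d in parse_signature_lists(blob) if t == EFI_CERT_SHA256_GUID}


def diff_dbx(blob_a: bytes, blob_b: bytes):
    """Which hashes each list revokes that the other does not."""
    a, b = revoked_sha256(blob_a), revoked_sha256(blob_b)
    return {"only_in_a": sorted(a - b), "only_in_b": sorted(b - a), "common": sorted(a & b)}


def is_revoked(pe_authenticode_hash: bytes, *blobs) -> bool:
    """True if any of the given lists revokes this image hash."""
    return any(pe_authenticode_hash.hex() in revoked_sha256(b) for b in blobs)


# Constructed sample data: stand-in hashes and an arbitrary owner GUID, not real dbx content.
_OWNER = uuid.UUID("12345678-1234-5678-1234-56789abcdef0")
H = {k: hashlib.sha256(("constructed-bootloader-" + k).encode()).digest() for k in "ABCD"}
X509_STUB = b"\x30\x03\x02\x01\x01"  # placeholder bytes standing in for a DER certificate
DBX_LIST_1 = build_signature_list(EFI_CERT_SHA256_GUID, _OWNER, [H["A"], H["B"], H["C"]])
DBX_LIST_2 = (build_signature_list(EFI_CERT_SHA256_GUID, _OWNER, [H["A"], H["B"], H["D"]])
              + build_signature_list(EFI_CERT_X509_GUID, _OWNER, [X509_STUB]))

if __name__ == "__main__":
    for key, val in diff_dbx(DBX_LIST_1, DBX_LIST_2).items():
        print(key, val)
```

To run this against real data, read the dbx payload (e.g. from `/sys/firmware/efi/efivars/dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f`, skipping the 4-byte attribute prefix that efivarfs prepends) and a published `.bin` update, and pass both to `diff_dbx`; the parser rejects truncated or inconsistent lists rather than silently reading past them.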
ESET Research (@esetresearch)

#ESETresearch has discovered a zero-day exploit abusing the #CVE-2025-24983 vulnerability in the Windows kernel to elevate privileges (#LPE). First seen in the wild in March 2023, the exploit was deployed through the #PipeMagic backdoor on the compromised machines. 1/4

BINARLY🔬 (@binarly_io)

Some exciting research to share from Binarly REsearchers Takahiro Haruyama (@cci_forensics) and Fabio Pagani (@pagabuc) -- a novel approach to UEFI bootkit detection. 🔥Read the technical paper: "UEFI Bootkit Hunting: In-Depth Search for Unique Code Behavior" 👉 binarly.io/blog/uefi-boot…

Check Point Research (@_cpresearch_)

Thread Execution Hijacking is one of the well-known methods that can be used to run implanted code. In this blog we introduce a new injection method that is based on this classic technique but is much stealthier: Waiting Thread Hijacking. Read more: research.checkpoint.com/2025/waiting-t…

Nikolaj Schlej (@nikolajschlej)

There will soon be a part two of the writeup, where we'll use Hydroph0bia for getting arbitrary code execution during FW update and obtain full control over the DXE volume (and all other parts that happen to not be covered by BG/FDM hashing). youtube.com/watch?v=1uJF44…

ESET Research (@esetresearch)

#ESETresearch has conducted a comprehensive technical analysis of new malicious tools and significant updates observed in 2024 in the arsenal of the Russia-aligned #Gamaredon #APTgroup targeting Ukraine🇺🇦. welivesecurity.com/en/eset-resear… 1/9

ESET Research (@esetresearch)

An interesting case of a recent phishing campaign targeting users of the X platform. #ESETResearch analyzed the campaign and found that, in addition to the expected focus on individuals involved in crypto and digital assets, the attackers also targeted prominent journalists, a

Alex Matrosov (@matrosov)

Some vendors just never change. How can we trust their products if they even cheat with vulnerability disclosures?

ESET Research (@esetresearch)

#ESETresearch has discovered a zero-day vulnerability in WinRAR, exploited in the wild by Russia-aligned #RomCom 🏴‍☠️ Anton Cherepanov welivesecurity.com/en/eset-resear… 1/7

Alon Leviev (@alon_leviev)

Just dropped a detailed blog post on our “BitUnlocker” research. If you’re into logical vulnerabilities and BitLocker bypasses, this one’s for you! techcommunity.microsoft.com/blog/microsoft…

ESET Research (@esetresearch)

#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes. 1/6

BINARLY🔬 (@binarly_io)

🔐BYOVD, but in firmware. Signed UEFI shells and vulnerable modules offer new paths for Secure Boot bypasses. Read the latest REsearch from Fabio Pagani (@pagabuc) and Yegor (@yeggorv) on the fragile foundation of the UEFI ecosystem. binarly.io/blog/signed-an…

Dirk-jan (@_dirkjan)

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…

ESET Research (@esetresearch)

#ESETresearch has discovered the first known cases of collaboration between Gamaredon and Turla, in Ukraine. Both groups are affiliated with the FSB, Russia’s main domestic intelligence and security agency. welivesecurity.com/en/eset-resear… 1/3

ESET Research (@esetresearch)

#ESETresearch has observed #Gamaredon exploiting CVE-2025-8088 (#WinRAR path traversal) in an ongoing spearphishing campaign. This vulnerability allows arbitrary file write via crafted RAR archives. 1/5

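The post above describes the CVE-2025-8088 primitive only as a path traversal that gives an arbitrary file write from a crafted RAR archive; how the crafted archive encodes the escaping path is not on this page. As an added example, not ESET's code and not WinRAR's, here is the generic defence an extractor needs against that class of bug: reject entry names that are absolute, contain `..` or Windows-reserved characters, and resolve the already-existing parent directory of each target so a symlink planted by an earlier entry cannot redirect a later write outside the destination. The entry names and the symlink scenario are constructed for the demo.

```python
import os
import re
import tempfile


class UnsafeEntryName(ValueError):
    """Raised for an archive entry name that must not be extracted."""


_WIN_DRIVE = re.compile(r"^[A-Za-z]:")
# Characters Windows refuses in file names; ':' also introduces an NTFS alternate data stream.
_RESERVED = re.compile(r'[<>:"|?*\x00-\x1f]')


def sanitize_entry_name(name: str) -> str:
    """Return a clean, relative, forward-slash path for an entry, or raise UnsafeEntryName."""
    n = name.replace("\\", "/")  # RAR headers written on Windows use backslashes
    if n.startswith("/") or _WIN_DRIVE.match(n):  # covers '/', '//server/share' (UNC) and 'C:'
        raise UnsafeEntryName("absolute or UNC path: %r" % name)
    parts = [p for p in n.split("/") if p not in ("", ".")]
    if not parts:
        raise UnsafeEntryName("empty name: %r" % name)
    for p in parts:
        if p == "..":
            raise UnsafeEntryName("parent-directory traversal: %r" % name)
        # Windows silently strips trailing spaces and dots, so 'evil.exe.' becomes 'evil.exe'.
        if _RESERVED.search(p) or p != p.rstrip(" ."):
            raise UnsafeEntryName("reserved character or trailing space/dot: %r" % name)
    return "/".join(parts)


def safe_target_path(dest_dir: str, name: str) -> str:
    """Map an entry to an absolute path inside dest_dir. The existing parent is
    resolved with realpath so a symlink dropped by an earlier entry cannot redirect the write."""
    rel = sanitize_entry_name(name)
    dest_real = os.path.realpath(dest_dir)
    target = os.path.join(dest_real, *rel.split("/"))
    parent_real = os.path.realpath(os.path.dirname(target))
    if os.path.commonpath([dest_real, parent_real]) != dest_real:
        raise UnsafeEntryName("resolves outside destination: %r" % name)
    return os.path.join(parent_real, os.path.basename(target))


def classify_entries(names):
    """Dry run over entry names: name -> ('ok', clean_path) or ('rejected', reason)."""
    out = {}
    for n in names:
        try:
            out[n] = ("ok", sanitize_entry_name(n))
        except UnsafeEntryName as e:
            out[n] = ("rejected", str(e))
    return out


# Constructed entry names for the demo, not taken from any real archive.
SAMPLE_ENTRY_NAMES = [
    "docs/report.pdf",
    "docs\\sub\\notes.txt",
    "a/./b//c.txt",
    "../../Users/Public/evil.exe",
    "C:\\Users\\Public\\evil.exe",
    "\\\\share\\x\\evil.exe",
    "docs/report.pdf:hidden",
    "/etc/cron.d/job",
    "evil.exe.",
    "",
]


def symlink_escape_blocked() -> bool:
    """Constructed scenario: an earlier entry planted dest/out -> <outside dir>;
    the next entry 'out/evil.txt' must be refused while a normal entry still resolves inside dest."""
    with tempfile.TemporaryDirectory() as dest, tempfile.TemporaryDirectory() as outside:
        os.symlink(outside, os.path.join(dest, "out"))
        try:
            safe_target_path(dest, "out/evil.txt")
            return False
        except UnsafeEntryName:
            return safe_target_path(dest, "docs/ok.txt").startswith(os.path.realpath(dest))


if __name__ == "__main__":
    for n, r in classify_entries(SAMPLE_ENTRY_NAMES).items():
        print(repr(n), "->", r)
    print("symlink escape blocked:", symlink_escape_blocked())
```

The name check and the realpath check are deliberately separate: the first is a pure function you can run over an archive listing before touching the disk, the second depends on what earlier entries have already created, so it has to run per entry at write time.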