Android TV Devices: Pre-0wned Supply Chain Security Threats
Validating The Digital Supply Chain For more insights on hardware hacking, check out the webinar: Spooky Experiments – Building Your Own Security Research Lab. With the help of the Eclypsium research team (and others mentioned below), I set out to look inside some of the Android TV devices on the ... Read More
Demystifying CPU Microcode: Vulnerabilities, Updates, and Remediation
Attacks against low-level CPU architecture popped up on most tech people’s radar after the introduction of the Spectre and Meltdown vulnerabilities were made public. Since then there have been several more vulnerabilities affecting both Intel and AMD CPUs in the same category of speculative execution bugs. The goal of this ... Read More
Eclypsium Protection for “Downfall” Vulnerabilities on Intel processors
Overview Amid several recently disclosed vulnerabilities in hardware/CPUs (including a voltage fault injection against AMD CPUs in Telsa vehicles, Zenbleed, AMD CPU attacks discovered by Tavis Ormandy, also a Google researcher, and Inception, a new attack also targeting AMD CPUs) Google research Daniel Maghimi disclosed vulnerabilities targeting Intel CPUs dubbed ... Read More
My Favorite Things: Hardware Hacking and Reverse Engineering
Favorite (Hacking) Things I really enjoy researching and acquiring “gadgets”. Recently, I spent a little time with Eclypsium’s research team discussing which hardware and software are most useful for security research, specifically hardware and firmware. The Eclypsium team has published extensive research in the past so I thought it would ... Read More
CISA Issues a Call to Action for Improved UEFI Security
On August 3, 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a call to action addressing the challenges we face securing UEFI and responding to incidents where attackers have leveraged weaknesses in UEFI implementations. The article “A Call to Action: Bolster UEFI Cybersecurity Now” underscores the importance of ... Read More
Linux Commands To Check The State Of Firmware
Whether you are new to Linux or a seasoned Linux systems administrator, knowing the hardware and firmware on your systems is essential. Firmware that is out-of-date can pose security and operational risks. I advise you to keep up with firmware updates before you are impacted by an attacker with a ... Read More
The Keys To The Kingdom and The Intel Boot Process
Intel-based computers implement various hardware, firmware, and cryptographic algorithms to preserve the integrity of the platform. Protecting the supply chain incorporates the protection of the keys used in the integrity-checking process. A few recent events have highlighted the risks associated with keys critical to the platform integrity, such as: It ... Read More
BlackLotus – A Threat Coming To A System Near You
What is “BlackLotus”? Following news in late 2022 of a new UEFI bootkit being sold for $5,000 on hacking forums called BlackLotus. ESET researchers have recently released an analysis of this bootkit discovered in the wild. There was speculation as to whether or not BlackLotus was real and did what ... Read More
“Permanently” Bricking Computers and Other Supply Chain Issues
“Permanently” Bricking One of my fears is the attacker who is motivated to destroy infrastructure rather than lay low, hide, and steal. Destroying a computer requires a moderate amount of skill compared to the complexities of persisting and evasion involved with non-destructive style attacks. A while back I set out ... Read More
Things I Wish I’d Known Before Joining Mastodon
Mastodon is a social media platform based on open standards and protocols. It offers an alternative to corporate-owned social media platforms such as Twitter (and is the closest thing to a Twitter alternative available today). The Mastodon network is called the “Fediverse”, a series of independently owned and operated servers ... Read More
