Explore >> Select a destination
|
You are here 
|
nixhacker.com | ||
| | | | |
blog.inhq.net
|
|
| | | | | The article describes several vulnerabilities in the KeepKey hardware wallet. Flaws in the supervisor interface can be exploited to bypass important security restrictions on firmware operations. Using these flaws, malicious firmware code can elevate privileges, permanently make the device inoperable or overwrite the trusted bootloader code to compromise the hardware wallet across reboots or storage wipes. | |
| | | | |
prog.world
|
|
| | | | | [AI summary] The article discusses the use of Intel Processor Trace (PT) technology to capture code traces from the System Management Mode (SMM) in a computer's BIOS. The authors detail the process of creating a backdoor to access SMM, modifying the SMI dispatcher to redirect execution to a custom shellcode, and using tools like WinIPT and ptxed to analyze the trace data. They also mention challenges such as synchronization issues and the need for cross-platform compatibility, and conclude that this method provides an efficient way to investigate SMM code for vulnerabilities. | |
| | | | |
keenlab.tencent.com
|
|
| | | | | In the past two years, Keen Security Lab did in-depth research on the security of Tesla Cars and presented our research results on Black Hat 2017 and Black Hat 2018. Our research involves many in-veh | |
| | | | |
blogs.juniper.net
|
|
| | | A Control Web Panel vulnerability is being used to compromise SSH servers by injecting code via dynamic library preloading. | ||
