Explore >> Select a destination
|
You are here 
|
guidovranken.com | ||
| | | | |
blog.quarkslab.com
|
|
| | | | | Following our presentation at Black Hat USA, in this blog post we provide some details on CVE-2022-20233, the latest vulnerability we found on Titan M, and how we exploited it to obtain code execution on the chip. | |
| | | | |
comsecuris.com
|
|
| | | | | [AI summary] This blog post discusses a detailed exploit chain targeting a mobile phone's application processor OS through a compromised modem. The author outlines the process of identifying vulnerabilities in the baseband firmware, reverse engineering the MT6795's cellular stack layers, and attempting to fuzz the MM layer for potential memory corruption issues. The post also touches on the challenges of creating a persistent rootkit via the modem and the importance of hardware isolation in securing mobile platforms. | |
| | | | |
blog.trailofbits.com
|
|
| | | | | By Matt Schwager Trail of Bits is excited to introduce Ruzzy, a coverage-guided fuzzer for pure Ruby code and Ruby C extensions. Fuzzing helps find bugs in software that processes untrusted input. In pure Ruby, these bugs may result in unexpected exceptions that could lead to denial of service, and in Ruby C extensions, they... | |
| | | | |
gist.github.com
|
|
| | | Simple Implementation of HTTP Server. GitHub Gist: instantly share code, notes, and snippets. | ||
