vkas-afk

New blog post detailing an unpatched vulnerability I found 3 years ago in GoG Galaxy that allows an attacker to chmod 777 arbitrary folder / files. vkas-afk.github.io/28_november_20…

A blog post detailing a race condition I found in Acronis True Image that allows users to run arbitrary binaries as root. vkas-afk.github.io/26_february_20…

another day, another C developer not focusing hard enough

A very bad thing happened: now, the Intel Boot Guard on the vendor's platforms can no longer be trusted... ☹️

Blog post detailing a vulnerability I found in BlueStacks last year that allows a user to interact with the privileged helper and delete arbitrary files as root (and potentially other things) vkas-afk.github.io/22_july_2022

🛰️ For those (still) interested by the KA-SAT event which occured on the Feb. 27. It seems (*) that the attackers simply launched their payload from the modems' SSH accesses which were open to anyone on the SDWAN. (1/3)

Today we've published Intel Microcode decryptor! It gives you an amazing opportunity for researching x86 platforms. You can understand how Intel mitigated spectre vulnerability, explore the implementation of Intel TXT, SGX,VT-x technologies! Enjoy it! github.com/chip-red-pill/…

vx-underground is proud to unveil its patented EDR (Endpoint Detection and Response) technology. This technology (or lack thereof) has proven to stop 100% of malware, hackers, crooks, and even insider threats!

Found proof of china bacdoor in rsa???

The very important goal has been achieved, for the benefit of the entire information security society: we decrypted Intel XuCode!

Metal Unlock (it's also Global Unlock or Legacy Unlock) password for one of Bonnell (the very first Atoms) representative...

Wow, this side channel attack against iPhones (dubbed "iTimed" in the paper) is really cool: eprint.iacr.org/2021/464.pdf

Since iOS 15 RC had been released, I will drop the poc I mentioned a few days ago, it's a XNU IPC Race Condition bug reachable from sandbox, tested machine: iPhone 11 14.7.1 MBP 11.5.2/11.0.1 And here's my poc: gist.github.com/Peterpan0927/f… have a good day!

The advisories for the BSSA bug are out. Thanks #Intel #Nvidia #Supermicro #HP #Lenovo #Dell! intel.com/content/www/us… nvidia.custhelp.com/app/answers/de… supermicro.com/en/support/sec… support.hp.com/us-en/document… support.lenovo.com/eg/en/product_… dell.com/support/kbdoc/… CC: @matrosov @Adam_pi3 #blackhat2021

A human foot has not yet set foot here (the researcher's eyes did not look). Intel pcode (runs on 8051 power control unit in CPU complex)

Meet WiFiDemon: iOS WiFi RCE 0-Day Vulnerability & a 'Zero-Click' Vulnerability That was Silently Patched blog.zecops.com/research/meet-…

Great analysis of an iOS format string bug, incl. dynamic analysis with @fridadotre! blog.chichou.me/2021/06/20/qui…