Sabitlenmiş Tweet
A recording of our #defcon31 talk "Breaking BMC - The Forgotten Key to the Kingdom" is now available: youtube.com/watch?v=dbJQIQ…
cc: @Adam_pi3
YouTube
English
Alex Tereshkin
135 posts
Alex Tereshkin
@AlexTereshkin
Poked firmware before it was cool. Security researcher @NVIDIA. Opinions expressed are my own.
Katılım Ağustos 2015
166 Takip Edilen602 Takipçiler
Alex Tereshkin retweetledi
English
Alex Tereshkin retweetledi
English
Alex Tereshkin retweetledi
Nvidia OSR (@AlexTereshkin, @Adam_pi3) reveals high-impact Supermicro BMC vulnerabilities (CVE-2024-10237/38/39). Binarly REsearch documenting the details:
👻Ghost in the Controller: Abusing Supermicro BMC Firmware Verification.
Read the full story: binarly.io/blog/ghost-in-…
English
Alex Tereshkin retweetledi
Together with @AlexTereshkin we managed to summarize NVIDIA Offensive Security Research (OSR) work on breaking BMC (reference to our DefCon talk youtube.com/watch?v=dbJQIQ…). This blog post also includes a link to the full paper.
YouTube
NVIDIA Data Center@NVIDIADC
Baseboard Management Controllers (BMCs) are vital for remote server management, but they can also be a significant security risk. Explore findings and recommendations to safeguard your #datacenter infrastructure from NVIDIA's Offensive Security Research team. ➡️ nvda.ws/3HsQOme
English
Alex Tereshkin retweetledi
I'm delighted to share that our talk "How to Secure Unique Ecosystem Shipping 1 Billion+ Cores?" has been accepted to @BlackHatEvents #BHUSA 2025!
How to create a secure unique ecosystem from scratch? What's Separation Kernel? How and why to modify RISC-V? come to our talk! :)
English
Alex Tereshkin retweetledi
You can now jailbreak your AMD CPU! 🔥We've just released a full microcode toolchain, with source code and tutorials. bughunters.google.com/blog/542484235…
English
Alex Tereshkin retweetledi
Found a nice little SecureBoot bypass in a sizable bunch of UEFI firmwares, will share the details when able.
Meanwhile, this is the SHA2-256 of the PoC tool to trigger it:
530584749f90d187ac20f77c6d4bb2e09ec1c852090962dfab01c4274a8a6d2d
English
Alex Tereshkin retweetledi
New blog post: Tales from the Call-Gate: An SMM Supervisor Vulnerability
labs.ioactive.com/2024/10/tales-…
@kiqueNissim
English
Nice writeup! Thanks guys.
BINARLY🔬@binarly_io
🚨New! "CVE-2024-36435 Deep-Dive: The Year’s Most Critical BMC Security Flaw." 🔥Classic buffer overflow vulnerabilities resurface in BMCs, remotely opening the gates from the castle. 🏆Kudos to @AlexTereshkin for the initial discovery and disclosure! binarly.io/blog/cve-2024-…
English
Thanks, Xeno. Those were fun times indeed. Much respect to LegbaCore research! #ResearchRespect
Xeno Kovah@XenoKovah
I'm trying to start a positive security trend of #ResearchRespect wherein we give shoutouts to researchers whose work we really respect and describe why. I'll go first (in no particular order) with "Attacking Intel BIOS" by Rafal Wojtczuk and @AlexTereshkin at BlackHat 2009
English
@matrosov @binarly_io Brings back memories indeed! Congrats!
English
Alex Tereshkin retweetledi
#LogoFAIL abstract is online! Embargo ends on Dec 6th. LogoFAIL impacting all major IBVs reverence code: AMI, Insyde, and Phoenix. Also, this attack is not silicon-specific but UEFI-specific🔥 and impacts ARM and x86.
Kudos to @Binarly_io REsearch team!
#logofail-security-implications-of-image-parsing-during-system-boot-35042" target="_blank" rel="nofollow noopener">blackhat.com/eu-23/briefing…
English
Alex Tereshkin retweetledi
🔬OSR Team keeps rocking! @AlexTereshkin and @Adam_pi3 keep digging into BMC and FW rabbit hole.
🔥The main caveat is that most of those discoveries are related to IBVs reference code and impact the entire industry.
⛓️One vendor fix != Industry
⛓️Supply Chain Security is hard!
NVIDIA PSIRT@NVIDIAPSIRT
NVIDIA released a security bulletin for NVIDIA DGX H100. Thanks to the NVIDIA OSR team for: CVE‑2023‑25531, CVE‑2023‑25532, CVE‑2023‑25533, CVE‑2023‑25534, CVE‑2023‑31008, CVE‑2023‑31009, CVE‑2023‑31010, CVE‑2023‑31011, CVE‑2023‑31012, and CVE‑2023‑31013 nvidia.com/en-us/security/
English
English
Check out the abstract of our upcoming DC talk :)
CC: @Adam_pi3
forum.defcon.org/node/245714
English
@Grazfather @Adam_pi3 @defcon @mbazaliy @igoooo Thanks! The slidedeck: media.defcon.org/DEF%20CON%2031…
Demo is here: media.defcon.org/DEF%20CON%2031…
English
Alex Tereshkin retweetledi
What is BMC? Should we care about BMC's security? How easy is it to hack it?
You can find all the answers during our talk (CC @AlexTereshkin) at @defcon at 3:30pm on Saturday ;-) Join us!
forum.defcon.org/node/245714
CC: @mbazaliy, @igoooo, NVDA RISC-V FW dude
#DEFCON31 #Defcon
English
We enjoyed doing this research, super fun stuff. See you all in Vegas!
Adam 'pi3' Zabrocki@Adam_pi3
"Accepted Presentation: Breaking BMC: The Forgotten Key to the Kingdom Congrats! Your @defcon 31 Submission is accepted!" I'm super exited about the 3rd DefCon talk in a row! :) CC: Alex Tereshkin (@AlexTereshkin) #defcon31 #defcon
English