alvise

52 posts

alvise

@HBitmasks

PhD Student @vu5ec (Systems Security). Previously: decompilers @_revng, rockets @skyward_er

───○─ 🔊 Katılım Eylül 2018

250 Takip Edilen187 Takipçiler

alvise retweetledi

Mark Ermolov@_markel___·13 Ara

Hardware glitching masters have taken on Intel's microarchitecture - very, very cool! I'm so glad our work is contributing to research that was previously unimaginable. Research into hardware attacks on Intel processors has enormous potential... download.vusec.net/papers/microsp…

English

167

23.1K

alvise retweetledi

Travis Goodspeed@travisgoodspeed·24 Oca

Remote code execution on a Yamaha piano. psi3.ru/blog/swl01u/

Filipino

281

1.6K

89.8K

alvise@HBitmasks·14 Ağu

The Spectre exploit chef @SanWieb just gave an impeccable talk at @USENIXSecurity about our work on Spectre gadgets analysis and native BHI exploitation. Very happy - and proud of the Distinguished Paper award too :)

Herbert Bos@herbertbos

Happy to report that our InSpectreGadget paper won a Distinguished Paper award at @USENIXSecurity: download.vusec.net/papers/inspect… @vu5ec @SanWieb @HBitmasks @c_giuffrida Here is @SanWieb presenting the paper:

English

278

alvise retweetledi

Erik van der Kouwe@EKouwe·28 May

Just a few days left to apply to our PhD and PostDoc positions available at @vu5ec. If you love low-level systems hacking and would you like to work at a top systems security research group in Amsterdam, consider applying: workingat.vu.nl/vacancies/phd-…

English

2.3K

alvise retweetledi

rev.ng@_revng·13 May

😎 We’re going to REcon 2024! 😎 This will be the first talk in which we introduce the decompiler since the open source release. It will be very much an hands on talk. Don’t miss it. See you in June in Montreal! ⚜️🌹☘️ cfp.recon.cx/recon2024/talk…

English

3.8K

alvise@HBitmasks·9 Nis

If you ever happen to look for Spectre gadgets manually and feel pain and loneliness, you should check github.com/vusec/inspectr… ... It's been a wild ride, but working with @SanWieb was the best thing ever :) Also, BHI is back baby

VUSec@vu5ec

Branch History Injection (BHI) is back! Disclosing Native BHI, bypassing deployed Spectre-v2/BHI mitigations (e.g., eBPF=off) to leak arbitrary kernel/host memory (e.g., root password hash below). Joint work by @SanWieb @HBitmasks @herbertbos @c_giuffrida: vusec.net/projects/nativ…

English

alvise retweetledi

rev.ng@_revng·13 Oca

We ended up on HN and some interesting discussions emerged: news.ycombinator.com/item?id=389752…

English

3.1K

alvise retweetledi

VUSec@vu5ec·5 Ara

Disclosing #SLAM, aka how to combine Spectre and Intel LAM (& co.) to leak kernel memory on future CPUs (demo below). Thousands of exploitable "unmasked" (or pointer chasing) gadgets in the Linux kernel. Joint work by @MatheHertogh @SanWieb @c_giuffrida: vusec.net/projects/slam

GIF

English

180

22.9K

alvise retweetledi

Fish_@fish_·21 Eki

That’s also a way to mention the OSI layers @herbertbos🤣 #nohat2023

English

818

alvise retweetledi

Emanuele Vannacci@vanema94·10 Ağu

I'm thrilled to announce that our paper "Speculation@Fault" @USENIXSecurity is online! Read about how we automatically find information leakages arising from CPU exceptions by fuzzing against speculative contracts.

Jana Hofmann@jana_tweets_cs

Now that the embargo is finally lifted🥳: I'm excited to share details about our most recent work (appearing at USENIX this week) on modeling and testing microarchitectural information leakage of CPU exceptions (think Meltdown 👻and alike).

English

2.9K

alvise retweetledi

Stefano Zanero@raistolo·8 Haz

I am extremely happy about this paper, which is the brainchild of my PhD student @__L4w__ and my colleague @JinBlackx. BINO addresses the irksome problem of identifying inlined functions (specifically from C++ template classes) in binaries. authors.elsevier.com/c/1hD5Kc43v0Znn

English

13.1K

alvise retweetledi

Djordje Todorovic@djtodoro·14 May

Debug Location coverage for the variables in the optimized binaries compiled with the newest release of LLVM look nice. A bit longer post is at djolertrk.github.io/2023/05/14/Deb…. We started from 45%, and now we are at 71%, nice! @llvmorg

English

5.8K

alvise retweetledi

NDSS Symposium@NDSSSymposium·2 Mar

Should we lose hope already on Rowhammer attacks? Andrea Di Dio from Vrije Universiteit Amsterdam is showing us at #NDSS23 that it is feasible to devise a software-based design to mitigate ECC-aware Rowhammer attacks.

English

2.5K

alvise retweetledi

Linuxopsys@linuxopsys·13 Oca

The Linux kernel, this is really cute!

English

423

1.7K

113K

alvise retweetledi

VUSec@vu5ec·11 Oca

Disclosing CHOP, aka how attackers can bypass commodity return address protections such as stack cookies by hijacking the exception handling process. Paper to appear @NDSSSymposium: download.vusec.net/papers/chop_nd…. Joint work by @victor_duta Fabian Freyer @pagabuc @nSinusR @c_giuffrida

English

17.9K

alvise retweetledi

Filippo Cremonese@fcremo·7 Ara

Easily the highest impact bug I found (yet)

Zellic@zellic_io

We audited SPL-Token-2022 for the @SolanaFndn. It's an update for the SPL-Token program. In our review, we found an inflationary bug that would've allowed infinite minting of tokens for free. The audit was pre-launch. The code was not enabled, so no funds were at risk. 👇🧵

English

alvise@HBitmasks·11 Kas

What a blast! Thanks to all my incredible co-authors @aScarecrowHat @JinBlackx @mcarminati1988 @raistolo

JinBlack (Mario Polino)@JinBlackx

And we got this. Very happy about that.

English

alvise@HBitmasks·10 Kas

Great talk by @fcgorter about his project DangZero at @acm_ccs! Featuring also a nice little meme about @gregkh approving the work :) gg

English

alvise retweetledi

Stefano Zanero@raistolo·8 Kas

A wild ⁦@HBitmasks⁩ delivering a great talk at ⁦@acm_ccs⁩

English

alvise retweetledi

JinBlack (Mario Polino)@JinBlackx·8 Kas

I am at @acm_ccs , where @HBitmasks is about to present "Canflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks". Thanks to all coauthors: @HBitmasks, @aScarecrowHat, @mcarminati1988, @raistolo Full paper: dl.acm.org/doi/pdf/10.114…

English

Keşfet

@SanWieb @USENIXSecurity @vu5ec @MatheHertogh @c_giuffrida @herbertbos @__L4w__ @JinBlackx