Mickey

7.1K posts

@HackingThings

Low hanging fruit maven. Cluster Head. Tweets are my own. https://t.co/NsUyMzcogk

Below the operating system · Joined April 2013
741 Following · 7K Followers
Mickey retweeted
Joe Fitz @securelyfitz
Hardware Hacking and AI* all using LLMs*: I've been teaching courses about *Attacking *IoT at Black Hat for over a decade - often using tools that include *Logic *Level *MOSFETs. Here's my take on some of the hardware courses and what pairs well for different skill levels:
Mickey retweeted
impulsive @weezerOSINT
AMD is shipping a vulnerable kernel driver in the Razer Blade 16 BIOS updater. it's sitting in the same folder as ANOTHER vulnerable driver that's been publicly known and documented as dangerous for years. both are signed. both can be weaponized by malware to bypass your antivirus, take complete control of your computer from the inside, read anything stored in memory including passwords and crypto wallet keys, and load ransomware / malware without your PC putting up a fight. this is exactly what ransomware / malware operators and state backed groups hunt for every single day
Mickey retweeted
impulsive @weezerOSINT
GPU-Z is on basically every gaming PC on earth. TechPowerUp makes it. they also make Sapphire TRIXX. What I found is insane... both ship TRIXX.sys. IOCTL 0x800060C4 calls HalSetBusDataByOffset with user-controlled bus, device, function, and offset. any local process. no admin. reprogram any PCI BAR to any physical address. map it. arbitrary physical memory R/W from ring 3. a GPU info tool with the keys to your entire system. EV cert. valid through April 2028.
Mickey retweeted
club1337 @club31337
Signed to Kill: Reverse Engineering a 0-Day Used to Disable #CrowdStrike EDR
The article presents a reverse-engineering analysis of a kernel driver used in a BYOVD (Bring Your Own Vulnerable Driver) attack to disable security software, including @CrowdStrike Falcon EDR. The researcher discovered multiple variants of a Microsoft-signed driver that expose a dangerous IOCTL interface capable of terminating arbitrary processes. core-jmp.org/2026/04/signed…
Mickey retweeted
impulsive @weezerOSINT
github.com/magicsword-io/… found a 25KB WHQL signed driver from driverscloud.com. it's a French hardware inventory tool people install to check what GPU they have. 7 IOCTLs, zero validation. no security descriptor on the device. FILE_ANY_ACCESS on every IOCTL. any user can open it. no admin needed. no UAC. unrestricted wrmsr. no whitelist. write IA32_LSTAR and every syscall on the system hits your code. the instruction takes single digit nanoseconds. arb physmem read up to 2MB per call, MSR read/write, port I/O, PCI config R/W. It wasn't on loldrivers. not on hvci blocklist. no CVE. 0/68 on VT
Mickey retweeted
MG @_MG_
Russia hid spy hardware in the walls of TechEx, a Ukraine defense company that builds drones. They don’t really explain what it is beyond “wire tap”, so let’s do a quick analysis on the hardware to figure out what it does! 🧵1
Mickey retweeted
Paul Asadoorian @paulasadoorian@infosec.exchange
We found 9 vulnerabilities across 4 low-cost IP-KVM vendors. These $30 devices give attackers the equivalent of physical access to everything they connect to. Below the OS, EDR, and pretty much every security control you've deployed.
Mickey retweeted
Daniel Cuthbert @dcuthbert
Everyone today is a hacker in a sense but there are very few OG hackers on whose shoulders we stand. Oh dude, Felix “FX” Lindner, you were so much a hacker's hacker and you will be missed. RIP my friend and thank you
Mickey @HackingThings
Thank you for everything FX, you will be missed 😞
Mickey retweeted
Travis Goodspeed @travisgoodspeed
I'll be teaching a practical, introductory workshop on reverse engineering a mask ROM from a photo of a microchip at @BlueHatIL in Tel Aviv. If you're interested and in town, please join on either 10 or 11 March. You'll start with a microscope photo, end with disassembly code.
Mickey retweeted
Joe Fitz @securelyfitz
I've got a brand new class in the works!
Applied Physical Defenses: Secure Boot and Encrypted Firmware
The first time I offer this class will be @BlackHatEvents in Singapore on April 21-22, more offerings coming soon. blackhat.com/asia-26/traini…
Mickey @HackingThings
YubiKey Nano
Mickey @HackingThings
Doom on a webcam😂