Christian Lindenmeier

We sent one of us to scout the grounds of this year's @1ns0mn1h4ck. From Android rollback attacks to AI-driven malware, here’s what stood out to us: eshard.com/posts/a-look-b…

🗓️ Exciting news! @0ddc0de & @_chli_ will be joining Insomni’hack 2025 to present "EL3XIR: Fuzzing COTS Secure Monitors". 🔍 Last days to secure your spot: insomnihack.ch/talks/el3xir-f… #INSO25 #Cybersecurity #EthicalHacking #Switzerland

We are excited to announce Mathias Payer as the Keynote Speaker for the first day of Talks at Insomni'hack 2025! 🎟️ Register now and secure your spot: insomnihack.ch/talks/advanced… #INSO25 #Cybersecurity #EthicalHacking #Switzerland

🗓️ Exciting news! @0ddc0de & @_chli_ will be joining Insomni’hack 2025 to present "EL3XIR: Fuzzing COTS Secure Monitors". Explore the lineup and secure your spot: insomnihack.ch/talks/el3xir-f… #INSO25 #Cybersecurity #EthicalHacking #Switzerland

🚨 The Insomni’hack 2025 Conferences Programme is LIVE! 📅 2 days, top experts, & cutting-edge cybersecurity talks. Get your tickets now: insomnihack.ch/talks-2025/?ut… #INSO25 #Cybersecurity #EthicalHacking #Switzerland

💡 ARM TrustZone-based TEEs secure devices like smartphones; drones, but they have critical vulnerabilities Join @0ddc0de at #hw_ioUSA2025 to analyze system designs, spot security flaws & explore isolation and confidentiality techniques 👉 hardwear.io/usa-2025/train… #TrustZoneTEE

🚨 At #hw_ioNL2024, Marcel Busch and @_chli_ introduced EL3XIR, a powerful framework designed to rehost and fuzz the secure monitor firmware layer of TrustZone-based TEEs. YouTube Link: youtu.be/x-VRC0WX5Bo?si… #fuzzing #securemonitor #EL3XIR

📢 SPEAKERS ANNOUNCEMENT 📢 On Wednesday Nov. 6th, Marcel Busch @0ddc0de and Philippe Mao 🙋‍♂️, Postdoc and PhD at @EPFL HexHive lab, will propose a fascinating talk 🔥 GlobalConfusion: Trustzone Trusted Application 0-Days by Design 🔥 Abstract 👉 #02" target="_blank" rel="nofollow noopener">blackalps.ch/ba-24/talks.ph…

🥁🥁🥁...Uncovering Security Vulnerabilities at #hw_ioNL2024! Marcel; @_chli_ reported 34 bugs in secure monitors, with 17 classified as security critical. Affected vendors confirmed 14, leading to 6 CVEs for EL3XIR 👉 hardwear.io/netherlands-20… #fuzzing #EL#XIR #monitorsecurity

🔒 ARM TrustZone is the backbone of mobile devices 📱, and EL3XIR provides an effective framework for rehosting and fuzzing the secure monitor firmware of proprietary TrustZone-based TEEs Join Marcel & @_chli_ at #hw_ioNL2024 👉 hardwear.io/netherlands-20… #fuzzing #mobilesecurity

Coming up at @USENIXSecurity, we have three exciting papers on Android security across all layers of the stack. Learn about fuzzing trusted components, type confusion in trusted APIs and a study on how trusted apps are updated. @EPFL_en @ICepfl actu.epfl.ch/news/finding-s…

Downgrading trusted apps allows attackers to use N-days for attacking the trusted world. Sadly, @0ddc0de @USENIXSecurity discovered that rollback prevention is lacking on Android. Paper: nebelwelt.net/files/24SEC.pdf

Do you want 0days in Android Trusted Applications using the Global Platform API? Use @0ddc0de's binary static analysis @USENIXSecurity to find type confusions resulting in arbitrary writes. Paper: nebelwelt.net/files/24SEC4.p…

As it turns out, the secure monitor, Android's most trusted component is full of bugs. @_chli_ and @0ddc0de discovered lots of serious issues @USENIXSecurity though fuzzing. Paper: nebelwelt.net/files/24SEC2.p…