Analyst20718h ago

BitLocker Zero-Day Exposes Windows Drives to Unauthorized Access

A security researcher, Chaotic Eclipse, has dropped a bombshell by releasing proof-of-concept code for two unpatched Windows vulnerabilities, citing frustration with Microsoft's handling of previous bug reports. This move exposes Windows drives to unauthorized access, even with TPM+PIN protection in place.

https://osintsights.com/bitlocker-zero-day-exposes-windows-drives-to-unauthorized-access?utm_source=mastodon&utm_medium=social

#Bitlocker #ZeroDay #Windows #Tpm #MfaBypass

BitLocker Zero-Day Exposes Windows Drives to Unauthorized Access

Learn how a BitLocker zero-day vulnerability exposes Windows drives to unauthorized access and find out what you can do to protect yourself now effectively.

OSINTSights
๐Ÿ•ฏ๏ธCurious Magpie ๐Ÿ•ฏ๏ธ2d ago
TPMโ€™s own Hunter Walker has won a 2026 New York Press Club award for his seven-part investigative series delving into the impact of President Trumpโ€™s mass deportation agenda in New York, the U.S. city with the greatest population of immigrants, and which has seen the highest number of violent courthouse detentions.
#immigration #IndependentMedia #TPM
https://talkingpointsmemo.com/edblog/tpm-wins-2026-new-york-press-club-award-for-undocumented-underground-series
TPM Wins 2026 New York Press Club Award for Undocumented Underground Series

TPMโ€™s own Hunter Walker has won a 2026 New York Press Club...

TPM - Talking Points Memo
sayzard4d ago

LUKSbox: Encrypted vaults that survive the next decade

LUKSbox๋Š” ํด๋ผ์šฐ๋“œ๋‚˜ ๊ณต์œ  ์ €์žฅ์†Œ์— ์ €์žฅํ•˜๋Š” ๋ฏผ๊ฐํ•œ ํŒŒ์ผ์„ ์‚ฌ์šฉ์ž์˜ ํ‚ค๋กœ ๋กœ์ปฌ์—์„œ ์•”ํ˜ธํ™”ํ•˜์—ฌ ์ €์žฅํ•˜๋Š” ์˜คํ”ˆ์†Œ์Šค ์•”ํ˜ธํ™” ๋ณผํŠธ ์†”๋ฃจ์…˜์ž…๋‹ˆ๋‹ค. FIDO2, TPM 2.0 ํ•˜๋“œ์›จ์–ด ์ธ์ฆ๊ณผ ํฌ์ŠคํŠธ ์–‘์ž์•”ํ˜ธ(ML-KEM)๋ฅผ ์ง€์›ํ•ด ๋ฒ•์  ๊ฐ•์ œ๋ ฅ์—๋„ ๋ฐ์ดํ„ฐ ๋…ธ์ถœ์„ ๋ฐฉ์ง€ํ•˜๋ฉฐ, ๋ฌด๊ฒฐ์„ฑ ๊ฒ€์ฆ๊ณผ ๋กค๋ฐฑ ๋ฐฉ์ง€ ๊ธฐ๋Šฅ๋„ ๊ฐ–์ถ”๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. AES-256-GCM-SIV, Argon2id, HMAC-SHA256 ๋“ฑ ๊ฒ€์ฆ๋œ ์•”ํ˜ธํ™” ๊ธฐ๋ฒ•์„ ์‚ฌ์šฉํ•˜๋ฉฐ, ๋‹ค์–‘ํ•œ ํ”Œ๋žซํผ์—์„œ CLI, TUI, GUI ์ธํ„ฐํŽ˜์ด์Šค๋ฅผ ์ œ๊ณตํ•ฉ๋‹ˆ๋‹ค. ํ˜„์žฌ 1.0 ์ด์ „ ๋ฒ„์ „์œผ๋กœ ๋‚ด๋ถ€ ๊ฐ์‚ฌ๋ฅผ ์—ฌ๋Ÿฌ ์ฐจ๋ก€ ๊ฑฐ์ณค์œผ๋ฉฐ, ์™ธ๋ถ€ ๊ฐ์‚ฌ์™€ ์‹ค์‚ฌ์šฉ ๋ฐฐํฌ๊ฐ€ ์˜ˆ์ •๋˜์–ด ์žˆ์Šต๋‹ˆ๋‹ค.

https://github.com/PentHertz/LUKSbox

#encryption #fido2 #tpm #postquantum #cloudsecurity

MarekMay 5

"Trusted Platform Module (TPM)" lรผgt doch schon beim Namen - wie soll ich etwas vertrauen, was propritรคr ist und keinerlei Einsichtnahme in die Funktionsweise erlaubt?

Ich finde "Untrusted Platform Module (UPM)" oder "Please believe me I am a good Module (PBMIAGM)" wรคre besser.

#TPM

Morten LinderudMay 4

Did a new release of ssh-tpm-agent.

https://github.com/Foxboron/ssh-tpm-agent/releases/tag/v0.9.0

`ssh-tpm-add` now supports `-c` for confirmation dialogs before key usage, along with a nice process chain. Thanks to @mic92

#TPM #Security #OpenSSH #SSH

Release v0.9.0 ยท Foxboron/ssh-tpm-agent

The release is signed with C100 3466 7663 4E80 C940 FB9E 9C02 FF41 9FEC BE16. Packaging change ssh-tpm-agent releases now has a tarball with an accompanying signature. Please use this tarball inst...

GitHub
Paul MeyerMay 2

Physical security has become an important aspect of protecting confidential computing workloads. Physical access is typically excluded from hardware vendors' CVM attack models, leaving physical and relay attacks largely unaddressed.
Flashbots and Intel have each been working independently on solutions to help bridge this physical-access gap: https://writings.flashbots.net/mind-the-gap-tee-poc

#ConfidentialComputing #CloudSecurity #TPM

Mind the Gap - Where TEE Attestations Fall Short and Why Do TEEs Need Proof of Cloud | Flashbots Writings

Covering Proof of Cloud and motivating why it is needed and where it falls short and requires future extensions.

nikolMay 1

TPM Live: Gerrymandering and White Nationalism at the Supreme Court With Kate Riga and John Light - TPM โ€“ Talking Points Memo

https://talkingpointsmemo.com/edblog/supreme-court-vra-substack-live

#TPM #RobertsCourt #VRA #journalism #democracy

TPM Live

Kate Riga and I will discuss todayโ€™s Supreme Court ruling, the ominous...

TPM - Talking Points Memo
AskUbuntuApr 30

Ubuntu 26.04 installation experience #systeminstallation #activedirectory #tpm

https://askubuntu.com/q/1566284/612

Ubuntu 26.04 installation experience

I tried installation of both server and desktop installations today, both as VMs on Hyper-V. The experience couldnยดt be more different. I suspect it is because the installation is also a live exper...

Ask Ubuntu
Linux Renaissance PeerTubeApr 30

TPM Can Type Your Linux LUKS Password For You

https://watch.linuxrenaissance.com/w/bSaGD5RrZ8eHuaPEpeN1zD

TPM Can Type Your Linux LUKS Password For You

PeerTube
Linux Renaissance PeerTubeApr 30

Encrypt Silverblue Fedora With TPM-Powered LUKS

https://watch.linuxrenaissance.com/w/gMA1GUJbH5xdAxrsTUn8bW

Encrypt Silverblue Fedora With TPM-Powered LUKS

PeerTube