I built a universal silicon loader that runs on Apple A12+ DFU (no bootrom exploit exists), Qualcomm EDL, MediaTek BROM, and 8+ SoC families.

72KB. 20+ commands. USB4 80Gbps. ChaCha20/AES. Auto-watchdog disable. Auto-DFU boot.

Checkm8 died at A11. QSLCL works on A12-A18+ via RAM execution.

github.com/Sharif-bot-cmd/Quantum-Silicon-Core-Loader

19yo from Philippines. No team. Just code.

#infosec #reverseengineering #hardwaresecurity #jailbreak #dfu #exploitdevelopment #lowlevel #firmware #iossecurity #qualcomm #mediatek #applesecurity #cybersecurity #research

📰 UK's NCSC Launches 'SilentGlass' Hardware to Block HDMI-Based Cyber Espionage

🇬🇧 NCSC unveils 'SilentGlass', a new hardware device to stop cyber espionage via HDMI & DisplayPort cables. The plug-and-play tool acts as a data diode for video, blocking hidden data channels. 🛡️ #HardwareSecurity #NCSC #InfoSec

🔗 https://cyber.netsecops.io/articles/ncsc-unveils-silentglass-to-secure-hdmi-displayport-connections/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

UK's NCSC Launches 'SilentGlass' Hardware to Block HDMI-Based Cyber Espionage

The UK's NCSC has developed 'SilentGlass,' a hardware security device that protects against cyberattacks through HDMI and DisplayPort connections by ensuring only video data is transmitted.

CyberNetSec.io

Interesting work on AMD SEV-SNP by Benedict Schlüter, Christoph Wech and @Shweta: https://fabricked-attack.github.io/

By reconfiguring data fabric routing from the untrusted, hypervisor-controlled UEFI firmware, they redirect Platform Security Processor (PSP) memory accesses, compromising SEV-SNP initialization, particularly the Reverse Map Table (RMP).

#Fabricked #sevsnp #security #hardwaresecurity #confidentalcomputing

Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP

Confidential computing allows cloud tenants to offload sensitive computations and data to remote resources without needing to trust the cloud service provider. Hardware-based trusted execution environments, like AMD SEV-SNP, achieve this by creating Confidential Virtual Machines (CVMs). With Fabricked, we present a novel software-based attack that manipulates memory routing to compromise AMD SEV-SNP. By redirecting memory transactions, a malicious hypervisor can deceive the secure co-processor (PSP) into improperly initializing SEV-SNP. This enables the attacker to perform arbitrary read and write access within the CVM address space, thus breaking SEV-SNP core security guarantees.

Fabricked

Open-Source Silicon Initiative Aims to Bolster Hardware Trust

Imagine having a tiny chip inside your device that you can trust completely - one that's transparent, secure, and designed to put your mind at ease. The Baochip-1x, a groundbreaking open-source silicon project by Andrew Bunnie Huang, aims to provide just that, giving developers an affordable and security-focused solution…

https://osintsights.com/open-source-silicon-initiative-aims-to-bolster-hardware-trust?utm_source=mastodon&utm_medium=social

#OpensourceSilicon #HardwareSecurity #EmbeddedDevices #TrustedHardware #SupplyChain

Open-Source Silicon Initiative Aims to Bolster Hardware Trust

Learn how the Open-Source Silicon Initiative boosts hardware trust with secure, affordable chips, and discover the impact on device security, read more now.

OSINTSights

Investigating Split Locks on x86-64

How bad are they, really? And how bad is the medicine?

Chips and Cheese

We're at SATC Conference in Houston, USA 🔬

#event #cybersecurity #hardwaresecurity

Caetra new release v1.2.0; added new shield that reacts when a webcam turns on/off.

With this shield we are trying to avoid privacy leaks from you and others, among other possible visual security breaches, like harvesting information about your surroundings. Do not forget to cover your webcam with a nice cat sticker :3

https://github.com/carvilsi/caetra

#physicalSecurity #physicalAttacks #linuxhardening #hardwareSecurity #bpf #ebpF #bcc

GitHub - carvilsi/caetra: Linux Phisical Security based on eBPF

Linux Phisical Security based on eBPF. Contribute to carvilsi/caetra development by creating an account on GitHub.

GitHub

caetra new release v1.1.0; added new shield to react when the CD-DVD-ROM tray opens or closes.

https://github.com/carvilsi/caetra?tab=readme-ov-file#12-cd_dvd_rom

#physicalSecurity #physicalAttacks #linuxhardening #hardwareSecurity #bpf #ebpF #bcc

What an indescribable feeling! 📦📚

After more than eight months of intensive work, countless cups of black tea and bottles of Club-Mate, the day finally came today: the postman stood at the door and handed me the very first author copies of my first English-language book of my own!

"Hacking Hardware: The Practical Guide to Penetration Testing and Prevention" has now officially been published by Rheinwerk Publishing in the USA. Holding it physically in my hands, leafing through the freshly printed pages and seeing my own cover is an absolute milestone for me.

#HackingHardware #Pentesting #Cybersecurity #InfoSec #HardwareSecurity #RheinwerkPublishing #AuthorLife