Matthias Deeg

@deeg
108 Followers
53 Following
86 Posts
Interested in IT and likes to see whether security assumptions in soft-, firm-, or hardware hold true when taking a closer look.
Websitehttps://deeg.xyz
Books Websitehttps://books.deeg.xyz
Twitterhttps://twitter.com/matthiasdeeg
Matthias DeegMar 3
Matthias KesenheimerMar 3
Hacking a Keyboard for Fun and Profit - Can It Run #Doom? https://blog.syss.com/posts/rog-azoth-will-it-run-doom/
Hacking a Keyboard for Fun and Profit - Can It Run Doom?

The Asus ROG Azoth is a high-end gaming keyboard built to be a bit smarter than normal keyboards. Solid tactile switches, fully customizable RGB lighting, and a crisp built-in OLED display put it a step above the usual. That little screen isn’t just for looks: It can show system stats, adjust lighting profiles, tweak volume, and act as a quick access hub for keyboard settings without touching your OS.

SySS Tech Blog
Matthias DeegMar 3

A new blog article titled "Hacking a Keyboard for Fun and Profit - Can It Run Doom?" by @mkesenheimer was published today.

If you want to read about some Asus ROG Azoth keyboard hacking, follow this link.

https://blog.syss.com/posts/rog-azoth-will-it-run-doom/

#hardware #hacking #keyboard

Hacking a Keyboard for Fun and Profit - Can It Run Doom?

The Asus ROG Azoth is a high-end gaming keyboard built to be a bit smarter than normal keyboards. Solid tactile switches, fully customizable RGB lighting, and a crisp built-in OLED display put it a step above the usual. That little screen isn’t just for looks: It can show system stats, adjust lighting profiles, tweak volume, and act as a quick access hub for keyboard settings without touching your OS.

SySS Tech Blog
Matthias DeegFeb 24

A short blog article titled "Why Regular Employees Should Not Boot Their Computers From External Media" by Micha Borrmann explains why boot restrictions for regular employees is a good idea.

https://blog.syss.com/posts/no-boot/

#cybersecurity #infosec

Why Regular Employees Should Not Boot Their Computers From External Media

In this blog article, we want to explain why regular employees should not be able to boot their work computers from external media, even if their devices are encrypted.

SySS Tech Blog
Matthias DeegFeb 24

Today, I've pulished a new proof of concept video on YouTube demonstrating how the UEFI boot password feature can be bypassed.

This security issue concerning Dell and HP computers was already published at the end of 2025 by my colleague Micha Borrmann in the two security advisories SYSS-2025-059 and SYSS-2025-060.

https://www.youtube.com/watch?v=oN1UZOanWEg

#infosec #cybersecurity

UEFI Boot Password Bypass

YouTube
Matthias DeegFeb 12

There is also a YouTube short demonstrating an attack against a vulnerable Linksys MX4200 router.

https://www.youtube.com/shorts/03DivoLmsTU

#cybersecurity #infosec #video

Hacking a Linksys Router Over the Internet

YouTube
Matthias DeegFeb 12

Today, a tech blog article by my colleague Christian Zäske titled "MeshHacks: Exploiting Linksys Intelligent Mesh from the Internet" concerning six security vulnerabilities in different Linksys routers was published.

https://blog.syss.com/posts/meshhacks/

#infosec #cybersecurity #hacking

MeshHacks: Exploiting Linksys Intelligent Mesh from the Internet

In this blog post, we describe multiple vulnerabilities we found in Linksys Wi-Fi routers, especially exploiting the “Intelligent Mesh™” functionality, which can be used to wirelessly link routers to act as a Wi-Fi mesh.

SySS Tech Blog
Matthias DeegFeb 8
jiska 🦄Feb 7

In this video, I'm analyzing a really confusing dialog on macOS. Let's dig a bit deeper into what it should do and what it's actually doing. #reverseengineering

https://youtu.be/P7hYg2GpsTk

Matthias DeegJan 28

Today, I have published a new video about browser swapping attacks, demonstrating and explaining a security issue in OAuth 2.0 that my colleague Jonas Primbs found.

https://www.youtube.com/watch?v=hDrfwKSUlvo

#infosec #cybersecurity #hacking #webdev

OAuth 2.0 Browser Swapping Attacks

YouTube
Matthias DeegJan 26
Gerhard KlostermeierJan 25

Had been some time since I did some work on #MifareClassicTool. Finally released a new version. You can now increase values of Value Blocks which only have decrement/transfer/restore permissions.

https://github.com/ikarus23/MifareClassicTool/releases/tag/v4.3.0

Release Version 4.3.0 · ikarus23/MifareClassicTool

This release will not be available via Google Play Google Play requires to target SDK 35+ (this version uses 34). The next version (4.3.1) will address this issue and be released soon. Changelog: ...

GitHub
Matthias DeegJan 25
Matthias KesenheimerJan 24

The Pico Glitcher is back in stock!
https://www.tindie.com/products/faulty-hardware/picoglitcher-v3/

Now featuring the Raspberry Pi Pico 2 with a higher clock rate, a better power supply and improved trigger inputs.

PicoGlitcher v3 by Faulty Hardware on Tindie

A device to carry out voltage glitching attacks against microcontrollers with a Raspberry Pi Pico

Tindie