Collaborate Disseminate
It is necessary to read the UEFI firmware data directly from the BIOS chip at the ring -1 level (software implementation is needed), how is this best done? After reading the UEFI firmware data, the function of calculating the checksum of t… Continue reading How to read the UEFI firmware data from the BIOS chip directly? [closed]
I had written an OS installation image to USB to be launched on untrusted PC. Can the untrusted PC modify USB’s installation image, for example Windows 10 image, so that when I plug in the same USB to another computer, it may rewrite the f… Continue reading Can USB installation stick rewrite any firmware inside my PC?
Is it possible for an attacker to trigger a firmware download to another device by sending a malicious network packet that initiates a malicious download of a file that contains attacker controlled code for the firmware?
[Jeremy Weatherford] clearly has a knack for explaining projects well enough for easy reproduction but goes way further than most and has created a four-part YouTube series detailing every step …read more Continue reading Zero To Custom MacroPad In 37 Easy Steps
These days, when something electronic breaks, most folks just throw it away and get a new one. But as hackers, we prefer to find out what the actual problem is …read more Continue reading MOTU Audio Interface Resurrected After Some Reverse Engineering
Keeping your SSD firmware up to date can be beneficial, as it offers bug fixes, performance improvements, enhanced reliability, and so on. In this post, we will show you how to update SSD firmware on Windows 11/10. How to update SSD firmware on Windows… Continue reading How to update SSD firmware on Windows 11
I have been a long-time supporter of the Coreboot Project (especially the Skulls variant).
I am currently in search of a new desktop and wanted to ask if these FLOSS BIOS solutions (such as Coreboot/SeaBios) are actually more secure than U… Continue reading Are proprietary BIOS/UEFI solutions less secure than libre/open frameworks? [closed]
Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to mediu… Continue reading Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)
Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases.
The post Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws appeared first on SecurityWeek.
Continue reading Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws
Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities. Simulate real-world firmware attacks DVUEFI was created to assist ethical hackers, security researchers, … Continue reading Damn Vulnerable UEFI: Simulate real-world firmware attacks