Alex Matrosov
@matrosov.bsky.social
Reposted by Alex Matrosov
It's awesome to see companies like @binarly.bsky.social helping support OST2 so it can keep bringing free training to the world! (This could/should be your company too! :))
We are happy to announce that @binarly.bsky.social has renewed their 🥇Gold-level sponsorship of #OST2!
Learn more about what they do in firmware & supply chain security here: ost2.fyi/Sponsor_Bina...
Learn more about what they do in firmware & supply chain security here: ost2.fyi/Sponsor_Bina...
November 3, 2025 at 11:59 AM
It's awesome to see companies like @binarly.bsky.social helping support OST2 so it can keep bringing free training to the world! (This could/should be your company too! :))
This research demonstrates how easily full persistence can be achieved on Supermicro BMC, allowing complete takeover of the server.
- CVE-2025-7937: bypassed “fix” for CVE-2024-10237.
- CVE-2025-6198: Supermicro RoT bypass.
www.binarly.io/blog/broken-...
- CVE-2025-7937: bypassed “fix” for CVE-2024-10237.
- CVE-2025-6198: Supermicro RoT bypass.
www.binarly.io/blog/broken-...
September 24, 2025 at 9:23 PM
This research demonstrates how easily full persistence can be achieved on Supermicro BMC, allowing complete takeover of the server.
- CVE-2025-7937: bypassed “fix” for CVE-2024-10237.
- CVE-2025-6198: Supermicro RoT bypass.
www.binarly.io/blog/broken-...
- CVE-2025-7937: bypassed “fix” for CVE-2024-10237.
- CVE-2025-6198: Supermicro RoT bypass.
www.binarly.io/blog/broken-...
Reposted by Alex Matrosov
Another Crack in the Chain of Trust: Uncovering (Yet Another) #secureboot Bypass
https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
Another Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot Bypass
Comments
www.binarly.io
June 11, 2025 at 5:13 AM
Another Crack in the Chain of Trust: Uncovering (Yet Another) #secureboot Bypass
https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
Reposted by Alex Matrosov
#hydroph0bia (CVE-2025-4275) - a trivial #secureboot bypass for UEFI-compatible firmware based on Insyde #h2o, part 1
https://coderush.me/hydroph0bia-part1/
https://coderush.me/hydroph0bia-part1/
Hydroph0bia (CVE-2025-4275) - a trivial SecureBoot bypass for UEFI-compatible firmware based on Insyde H2O, part 1
coderush.me
June 11, 2025 at 5:53 AM
#hydroph0bia (CVE-2025-4275) - a trivial #secureboot bypass for UEFI-compatible firmware based on Insyde #h2o, part 1
https://coderush.me/hydroph0bia-part1/
https://coderush.me/hydroph0bia-part1/
Reposted by Alex Matrosov
We're are happy to announce a new release of our #Rust bindings for idalib.
What's new:
- New APIs for working with IDBs, segments, and more
- Rust 2024 support
- New homepage: idalib.rs
H/T to our contributors @yeggor.bsky.social & @raptor.infosec.exchange.ap.brid.gy
github.com/binarly-io/i...
What's new:
- New APIs for working with IDBs, segments, and more
- Rust 2024 support
- New homepage: idalib.rs
H/T to our contributors @yeggor.bsky.social & @raptor.infosec.exchange.ap.brid.gy
github.com/binarly-io/i...
GitHub - binarly-io/idalib: Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x’s idalib
Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x’s idalib - binarly-io/idalib
github.com
May 21, 2025 at 10:28 PM
We're are happy to announce a new release of our #Rust bindings for idalib.
What's new:
- New APIs for working with IDBs, segments, and more
- Rust 2024 support
- New homepage: idalib.rs
H/T to our contributors @yeggor.bsky.social & @raptor.infosec.exchange.ap.brid.gy
github.com/binarly-io/i...
What's new:
- New APIs for working with IDBs, segments, and more
- Rust 2024 support
- New homepage: idalib.rs
H/T to our contributors @yeggor.bsky.social & @raptor.infosec.exchange.ap.brid.gy
github.com/binarly-io/i...
Reposted by Alex Matrosov
April 29, 2025 at 5:28 PM
Reposted by Alex Matrosov
In case you missed it from #LABScon24: BINARLY’s @matrosov.bsky.social and @pagabuc.bsky.social reveal their research into a firmware supply-chain security issue that affected major device vendors and hundreds of models, PKfail.
📺 Watch the full video: s1.ai/PKfail
📺 Watch the full video: s1.ai/PKfail
December 13, 2024 at 9:48 PM
In case you missed it from #LABScon24: BINARLY’s @matrosov.bsky.social and @pagabuc.bsky.social reveal their research into a firmware supply-chain security issue that affected major device vendors and hundreds of models, PKfail.
📺 Watch the full video: s1.ai/PKfail
📺 Watch the full video: s1.ai/PKfail