Olivia
Online
BlackCat
@B1ack3at
Research: Hardware - Kernel |
Interests: Malware, Browser, Pentest |
Current Study: UEFI, Linux, Embedded |
Joined May 2016
83 Following
82 Followers
38 Posts
Pinned Tweet
It's my first paper, and it contains my research on BOOTKITTY.
I’ll be presenting on August 12.
See you at USENIX!
https://t.co/yix4flj7HY
Single-stepping attack on TrustZone-M via interrupt-latency leakage (Usenix paper)
https://t.co/Y1e8PRK18s
#infosec
🔓 Heracles @acm_ccs'25: Breaking AMD’s Confidential Computing!
We show that the hypervisor can read and move hardware-encrypted memory on AMD SEV-SNP.
We build a chosen-plaintext oracle to leak kernel memory, auth keys, and cookies from "confidential" VMs
https://t.co/upHXpLqSeA
🚨Breaking AMD’s Confidential Computing (again!) — Meet RMPocalypse 🚨
Thrilled to share our 2nd paper at @acm_ccs 🎉
We break AMD SEV-SNP’s guarantees—with just one write!
Forge attestation & enable debug, with 100% success
👥Work with @BenedictSchluet
📄https://t.co/YhKS2jVQIi
First attack on the interconnect that breaks confidential computing: Fabricked.
A malicious hypervisor misconfigures the Infinity Fabric to gain arbitrary read/write access to AMD SEV-SNP CVMs. 100% success. Software-only.
See https://t.co/bnvgrY7s5F
#ConfidentialComputing #AMD
A video of our research engineer Matsuo's presentation at Black Hat USA 2025 is now live!
Presentation: https://t.co/aKBVtIIq7J
PoC: https://t.co/nqzbHuy7PA
https://t.co/tREkSMRKGV
#ffri_research #BHUSA
Today we reveal StackWarp: a new CPU vulnerability exploiting a synchronization bug in AMD’s stack engine across Zen 1–5 CPUs. It enables deterministic manipulation of Confidential VM's stack pointer, allowing RCE and privilege escalation via both control- and data-flow hijacking
https://t.co/tZ78SLEwOX
@pppp46497 I really enjoyed talking with you! Let's meet again sometime! ともだち 👊
I really enjoyed the two days at CODE BLUE 2025!
イ・ジュノ氏+ソ・ヒョナ氏
『BOOTKITTY: ブートキットからルートキットまでのマルチOS信頼チェーンの侵害』
https://t.co/P2mRqSNoxF
#codeblue_jp #codeblue2025
Exploiting Retbleed CPU vulnerability by @_MatteoRizzo and @theflow0
https://t.co/ENe7uXA4Ta
#infosec
We have an exciting piece of vulnerability research 🕵️♂️ to share, conducted in collaboration with external researchers from VU Amsterdam. Find out more about the L1TF vulnerability, a CPU vulnerability on some Intel CPUs (Skylake and older).
https://t.co/n6X5FoRJCR
Phoenix: Rowhammer Attacks on DDR5 with Self-Correcting Synchronization
https://t.co/tvwsu1FIwQ
#cybersecurity
I'm happy to present at CODE BLUE 2025!
It’ll cover the same topic as my USENIX WOOT talk(BOOTKITTY), but this time I’ll present deeper insights into the bootkit details I couldn’t share at WOOT.
See you at CODE BLUE!
https://t.co/fXGEu19Ew2
📢 📢 📢 Calling all vulnerability researchers interested in microcode!
Check out our blog post covering EntrySign, the AMD Zen microcode signature validation vulnerability recently discovered by the Google Security team.
https://t.co/gn4xvXwEsJ
Our latest post details how we exploited Retbleed (a CPU vulnerability) to compromise a machine from a sandboxed process and VM!
Curious? 👇
https://t.co/CSD8kdlBjD
#ESETresearch has discovered #HybridPetya ransomware on VirusTotal: a UEFI-compatible copycat of the infamous Petya/NotPetya malware. HybridPetya is capable of bypassing UEFI Secure Boot on outdated systems. @smolar_m https://t.co/UQAcC4O3Pu 1/8
Three part series on Insyde H2O SecureBoot bypass by @NikolajSchlej
Part 1: https://t.co/MoDNwdg3kK
Part 2: https://t.co/5u6D8J5wc5
Part 3: https://t.co/5u6D8J5wc5
#uefi #infosec
If you have any questions about BOOTKITTY, please feel free to contact me:
Discord: @b1ack3at
Email: [email protected]
I’m glad that my first academic conference presentation went well. It was truly a great experience.
Our team’s collective effort made it possible to submit our paper to WOOT ’25.
I would also like to thank Dr. JinHo Jung and Dr. HyungJun Koo for their guidance on the paper.
Last papers session "Exploit All the Things" (Chair: Cristine Hoepers)
- Soufian El Yadmani: SecurePoC—detecting malicious GitHub exploits
- Andrea Mambretti: SoK on kernel vuln discovery & auto exploit generation
- Junho Lee: BOOTKITTY—stealth bootkit-rootkit for modern OSes
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.3M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.8M followers
Lady Gaga
@ladygaga
72.4M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.9M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.5M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers