Olivia
Online
John Loucaides
@JohnLoucaides
SVP of Strategy at Eclypsium. Device security. Researcher. Borg. Views expressed here are my own.
Joined October 2016
343 Following
342 Followers
1K Posts
This one was instrumental for getting me interested in the space as well. Lots of stuff happened after this...
I'm trying to start a positive security trend of #ResearchRespect wherein we give shoutouts to researchers whose work we really respect and describe why. I'll go first (in no particular order) with "Attacking Intel BIOS" by Rafal Wojtczuk and @AlexTereshkin at BlackHat 2009
I'm trying to start a positive security trend of #ResearchRespect wherein we give shoutouts to researchers whose work we really respect and describe why. I'll go first (in no particular order) with "Attacking Intel BIOS" by Rafal Wojtczuk and @AlexTereshkin at BlackHat 2009
I’m glad this mentioned explicitly that it’s for the threat model of “Harvest Now, Decrypt Later”. Because until all the SecureBoot infrastructure is also post-quantum, the “attacker can sign arbitrary code for bootloader” attack assumption would still allow realtime coms capture
Lots of noise about `CVE-2024-21626 runc container escape`. As long as you have SELinux enabled, the container processes are blocked from reading sensitive data and writing all data. Podman enables SELinux by default and defaults to rootless mode.
Who to follow
Eclypsium
@eclypsium
A supply chain security platform that builds trust in every device.
Xeno Kovah
@XenoKovah
Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://t.co/slK2fsMRwU
Mickey 
@HackingThings
Low hanging fruit maven. Cluster Head. Tweets are my own. https://t.co/NsUyMzcogk
If any random UEFI vendor wants to learn something from #LogoFAIL other than demanding 300+ days of embargoe that then gets broken by the very same vendor, let it be "we need to invest in exploitation prevention and hardening, because securing 10M+ LOC of C and ASL is impossible"
@dragosr @ryanaraine Standardization of system firmware has made attack reuse easier. (To be fair it made patching easier too) There are complications, sure, but for attackers, I would argue that system firmware attacks are actuality easier than many common attacks on browsers, OS components, etc.
@dragosr @ryanaraine We have definitely completed coordinated disclosure with patch and publication in 90 days for uefi. It's possible. Depending on how much the dependencies cascade, that can become too aggressive.
In my experience, 180 days is usually enough for these. 300 seems excessive.
We're excited to announce our collaboration w/@Intel to provide enhanced visibility into supply chains by integrating key supply chain & vulnerability insights from Intel’s Endpoint Cloud Services into Eclypsium's Infrastructure #SupplyChainSecurity suite! https://t.co/jLiyCOtsQk
.@JohnLoucaides, SVP Strategy at Eclypsium, joins us on the show to discuss protecting the federal supply chain! #vulnerability #DoDs #firmware
https://t.co/apsosAWoqz
How does this make you feel?
Like BIOSdisconnect before it, this allows attack code to download and run from the unmodified, legitimate updater. With so many update apps doing different things, it's very hard to be sure what to trust. Are you more secure updating frequently or tightly controlling updates?
This malware appears to target dell machines and hide with the dell update app (command).
🚨 Experts expose a year-long cyber operation targeting an East Asian IT firm, deploying custom #malware called RDStealer to compromise data and steal credentials.
Learn more: https://t.co/PJg0IUupxi
#cyberattack #hacking #cybersecurity #infosec
@eclypsium (and many others) has published about a lot of attacks targeting update apps. The recent issue with gigabyte is a different variation, though. This update app is installed by firmware and fails to secure what it downloads and runs.
I talked with @securityweekly recently about firmware security and #OST2. Thankfully Paul asked questions about how OST2 helps teach fwsec, when I went off into the weeds on fwsec, since it's something I like talking about
https://t.co/TcVjz9pf9f
@JohnLoucaides @guido_bertoni @KirkBrannock @securityweekly @eclypsium Good reference to learn more about Intel debug technology: https://t.co/kAIzGkLxo2
@guido_bertoni @jerry_Intel @KirkBrannock @securityweekly @eclypsium Reading tianocore and coreboot code also help, but not for everyone... ;-)
This is an extremely important fact relative to the recent breach and leak at MSI.
To be clear, Intel Boot Guard signing keys are generated/managed by each OEM independently.
@guido_bertoni Yeah. This is hard to piece together. This paper is a good start: https://t.co/GoKRsKPnHr
@jerry_Intel or @KirkBrannock may have other ideas.
@securityweekly has some episodes on it and @eclypsium will be publishing more about it too.
Last Seen Users on Sotwe
Gizliii
Seen from Turkey
Belén y Ezequiel 🇦🇷
Seen from Argentina
Erotizm ve estetik hastasıyım.
Seen from Turkey
الدلوعه
Seen from Egypt
قمر اليمن
𝙎𝙖𝙧𝙚𝙚 𝘼𝙚𝙨𝙩𝙝𝙚𝙩𝙞𝙘𝙨
Seen from Saudi Arabia
evana maria
Seen from Brazil
°🎀 ⋆ 𝑀𝒾𝓈𝓈 𝐸𝓁𝒾𝓍𝒾𝓇 ⋆🎀°
small dick
Seen from United States
Türbanlı sevenler
Seen from Turkey
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.5M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.7M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers