Bug count != exploitable bug. Finding != chaining.
LLMs are exceptional at pattern recognition on known bug classes. They are not reasoning about novel failure modes in complex multi-component systems.
The hard bugs still require humans. https://t.co/RISinVDT3d
Don't want to cry wolf just yet, but this magenta-boxed part of LOTS of Insyde H2O-based UEFI FWs is highly suspicious, even if they are currently empty.
Neither BootGuard nor FlashDeviceMap covers those volumes, and presence of PEI deps section suggests they are processed.
Slides and demos for our @REverseConf talk by @francesco_ev and @xorpse are up! If you missed the conference, now's your opportunity to take a look at the talk content and demos.
Slides & demos: https://t.co/B97vstMQEZ
VulHunt framework: https://t.co/L6vwhyR9kH
I'm pleased to announce a new release of the Rust bindings for @HexRaysSA IDA SDK! This release includes v9.3 compatibility.
Code: https://t.co/4wnfZvRXIH
Docs: https://t.co/nrIyNLv0Kg
Thank you to @yeggorv who contributed to this release, and to @HexRaysSA for their support.
Published my OFFZONE 2025 presentation slides (in Russian) on GitHub: https://t.co/xoPNdCgKv8
Had a great time at the conf, kudos to https://t.co/JH7qp0fcCW and other sponsors and crew members for organizing and running it.
ZeroNights CFP is open 🔥
Long time no see. ZN will take place on Nov 26, 2025 https://t.co/eU1fKt0H0V
The program committee is accepting talks in Offensive and SecOps tracks, rewarding exclusive in-person presentations
Submit https://t.co/jsjBKJ1wJI
@cfptime
Published the third part of my blog series about Hydroph0bia (CVE-2025-4275) vulnerability, this one is about the fix as Insyde applied it, and my thoughts on improvements for it.
https://t.co/vEIkUNH3Ey
Preliminary analysis shows that Insyde fixed Hydroph0bia (CVE-2025-4275) by forcefully removing the NVRAM vars that lead to exploitation during SecureFlashDxe driver startup, and setting a restrictive variable policy for them, so such vars can't be set from the OS anymore.
Published, go check it out, it is a fun ride indeed:
https://t.co/nkk0WkIzFt
Part 3 will be done when I see how Insyde fixed the vulnerability and if we could do something about that fix.
🚨Binarly is documenting the discovery of CVE-2025-3052, a memory-corruption flaw in a Microsoft-signed UEFI module that lets attackers bypass Secure Boot and run unsigned code before the OS starts.
🔗 Full details: https://t.co/mFUeMjEhhr
🛡️ Advisory: https://t.co/dMpzoYgyIr
The embargo (12:00 UTC 2025-06-10) is over, let's start a thread on Hydroph0bia (CVE-2025-4275), a trivial SecureBoot and FW updater signature bypass in almost any Insyde H2O-based UEFI firmware used since 2012 and still in use today.
English writeup: https://t.co/DYLj3oBDkg
Together with @AlexTereshkin we managed to summarize NVIDIA Offensive Security Research (OSR) work on breaking BMC (reference to our DefCon talk https://t.co/4VBhcLhcUa). This blog post also includes a link to the full paper.
If for some reason #semgrep doesn’t fit your use case, here’s a port of my C vulnerability research ruleset to #weggli:
https://t.co/xeiK9oqvL3
Read the linked blog post and check it out!
We are happy to announce a new release of our #Rust bindings for @HexRaysSA idalib.
What's new:
- New APIs for working with IDBs, segments, and more
- Rust 2024 support
- New homepage: https://t.co/m3dJuKWdfr
H/T to our contributors @yeggorv & @0xdea
https://t.co/BVvdGP1L7X
Gave a talk on external fuzzing of Linux kernel USB drivers with syzkaller at SAFACon by @SAFATeamGmbH.
Includes a demonstration of how to rediscover CVE-2024-53104, an out-of-bounds bug in the USB Video Class driver.
Slides: https://t.co/ca479wDoRV