Olivia
Online
Vijay Sarvepalli
@vijaycert
Keep life chaotic.
Arlington, VA
Joined July 2013
81 Following
118 Followers
423 Posts
@gunsnrosesgirl3 probably mole carbs - also known as sand crabs
@MasterChiefEng It is a different Vijay Sarvepalli.. not me. perhaps - https://t.co/05wCRTH4bI ?
The SEI's CERT Division has released a new vulnerability note: Multiple deserialization vulnerabilities in PyTorch Lightning 2.4.0 and earlier versions. Learn more ➡️
https://t.co/xryQcnUELt
Here is another #UEFI vulnerability that takes months to coordinate. UEFI blocking DBX updates are still trickling in - most Linux and Windows users, trusting SecureBoot, are currently vulnerable. Digitally signing supply-chain is another major gap in our UEFI 5 recommendations
#ESETresearch discovered and reported to @certcc a vulnerability that allows bypassing UEFI Secure Boot on most UEFI-based systems. This vulnerability, #CVE-2024-7344, was found in a UEFI app signed by Microsoft’s 3rd-party UEFI certificate. @smolar_m https://t.co/9P3HZ8JvgC 1/4
In the upcoming #UEFIForum webinar “Coordinating #UEFI Vulnerabilities as CERT/CC,” @CarnegieMellon will provide practical steps when coordinating UEFI vulnerabilities. Join us for the webinar on Nov. 21 at 8 a.m. PT: https://t.co/CFbzuWwkcw
@evilsocket This is so broken disclosure. I don't think @evilsocket knows anything about responsible disclosure. https://t.co/wpbRQol9wk https://t.co/KidxQD3ee1
@evilsocket Have you tried CERT/CC https://t.co/hNHwwiMbdH ?
@binitamshah Is there a RCE POC? the POC is all crash so far. May be you are able to write one?
Trying to find #pkfail in our servers -found one!
vijay@thinkserver-TS$ efi-readvar -v PK
Variable PK, length 862
PK: List 0, type X509
Signature 0, size 834, owner 26dc4851-195f-4ae1-9a19-fbf883bbb35e
Subject:
CN=DO NOT TRUST - AMI Test PK
Issuer:
CN=DO NOT TRUST - AMI Test PK
🚨New! "PKFail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem."
#PKfail is a supply-chain issue affecting x86/ARM devices around the globe.
Blog:
https://t.co/X3RaVzDWGk
Full report:
https://t.co/BrzDzd5D4L
A free scanning tool: https://t.co/fSqeVlxxT7
@NikolajSchlej Thanks for your work in FWSEC and your love/care for your parents! Safe travels..
"we are repeating the same mistakes that we did in the past, We decided at some point it is super convenient to mix code and data... we are mixing code and data that we send to these AI systems.... that are under the control of the user." Dr. Daniel Gruss https://t.co/J60kKeFBLx
Intel Hardware Shield deep dive: part 2 is SMM security policy reporting (ISSR, aka PPAM) and interaction with Windows' Secure Launch.
https://t.co/tnMMtdtdH1
Another fascinating piece of technology! I have wanted to review this for a while and am glad I have spent time for it.
Here #UEFI SHIM related story has started. What happens when there is a bootloader vulnerability that is part of shim. https://t.co/TSkXXQ1MWU
#UEFI security updates tricking in.. https://t.co/mfmIlrfyL7 "or later"...
@trailofbits Quality work by @trailofbits - thanks for their responsible disclosure and working with a number of Vendors.
@quarkslab published their years worth of hard research work https://t.co/tJ89SWPbqU #UEFI reference implementation vulnerabilities.
This is some smoking good quality research on the zero-click adventures against iPhone.
This iMessage exploit is crazy. TrueType vulnerability that has existed since the 90s, 2 kernel exploits, a browser exploit, and an undocumented hardware feature that was not used in shipped software:
https://t.co/YJdY6alLbV
@albinowax Congrats James!
Last Seen Users on Sotwe
Naked handyman Nottingham 🇬🇧 ✂️
Seen from Mexico
adam305
Seen from United States
SUKA_IBU-IBU_STW_GENDUT_U40
Seen from Indonesia
Sen ben
Seen from Turkey
ชอบเย็ดรุ่นป้า รุ่นแม่ รุ่นเจ๊ 30+40+50+
Seen from Thailand
秀人网模特汇
Seen from Japan
An Tam Nguy
Seen from Vietnam
Office Slut
Seen from Turkey
👑 الفيصل 💚 
Seen from Netherlands
CuM DocToR
Seen from Turkey
Most Popular Users
Elon Musk
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.4M followers
Taylor Swift
@taylorswift13
81.2M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.4M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.1M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.5M followers