![weber_daniel's tweet photo. We're [1] disclosing StackWarp, a CPU vulnerability allowing complete AMD SEV VM takeovers!
The project was lead by @Rayiizzz, who is also on the academic job market, so hit him up if u want research like this on your campus!
[1] @Rayiizzz, T. Hornetz, me, @fth0mas, @misc0110 https://t.co/d4YjswcdOi](https://pbs.twimg.com/media/G-ui-U8aQAAMWeL.jpg)
Olivia
Online
Daniel Weber
@weber_daniel
Microarchitectural Security | PhD Student @cispa | Stealing Flags for @saarsec
Joined November 2018
365 Following
512 Followers
167 Posts
Pinned Tweet
After an embargo of 256 days, I'm happy to reveal our newest work: we present TREVEX, a black-box CPU fuzzer that detects transient execution vulnerabilities in an automated manner. Running TREVEX on AMD, Intel, and Zhaoxin CPUs discovered multiple new CPU vulnerabilities!
Blog post about FP-DSS: https://t.co/rhONFaFSdG
Tool and code: https://t.co/IivTx5sE5d
TREVEX paper: https://t.co/qiDda4YvrN
AMD advisory (FP-DSS): https://t.co/VZ7KdvHeMz
AMD advisory (FPVI variant): https://t.co/coiqk4F4QJ
After an embargo of 256 days, I'm happy to reveal our newest work: we present TREVEX, a black-box CPU fuzzer that detects transient execution vulnerabilities in an automated manner. Running TREVEX on AMD, Intel, and Zhaoxin CPUs discovered multiple new CPU vulnerabilities!
I'm very happy how this project together with @fth0mas , @LTrampert , @Rayiizzz, and @misc0110 turned out!
Who to follow
Gururaj Saileshwar
@gururajS92
Assistant Professor at University of Toronto.
Research in Computer Architecture and Security.
Andreas Kogler
@0xhilbert
Security Researcher | Informatics PhD | Alumni @tugraz | Pwnie Award 2022 | BlackHat Speaker | Power Analysis | Fault Attacks | μ-Architectural Attacks
Soheil Khodayari
@Soheil__K
Security Researcher @CrowdStrike, Web, Program Analysis | Past: CISPA @IMDEA_Software.
More Info + Exploits: https://t.co/dl3aMYFthJ
AMD's Fix: https://t.co/4azlSV1iXB
For more details on the discovery process and our findings, we refer to our research paper, which is published at USENIX Security 2026.
paper: https://t.co/Z8ozxKUqIv
github: https://t.co/9guHTl8lDu
\cc Tristan Hornetz, @weber_daniel, @fth0mas, @misc0110
Today we reveal StackWarp: a new CPU vulnerability exploiting a synchronization bug in AMD’s stack engine across Zen 1–5 CPUs. It enables deterministic manipulation of Confidential VM's stack pointer, allowing RCE and privilege escalation via both control- and data-flow hijacking
@LTrampert @jovanbulck @misc0110 Using Athena, you can create PoC attacks without needing to care about your target's implementation or memory layout!
Paper: https://t.co/RXilMbSnWk
Code: https://t.co/do4PZTpAoR
PS: I'm available for hire soon, so ping me if you're at USENIX and know exciting opportunities!
Thrilled to present our (Lukas G., @LTrampert ,Youheng L, @jovanbulck ,@misc0110) newest paper ("SCASE: Automated Secret Recovery via Side-Channel-Assisted Symbolic Execution") at #USENIX Security this week!
1/n
@LTrampert @jovanbulck @misc0110 Automation is the key to further bridge the gap between academic research and practical side-channel attacks! Thus, we automate side-channel attacks by leveraging a symbolic execution engine.
@LTrampert and I just gave a talk at Black Hat Asia showing how CSS can be abused to deanonymize you when opening an email!
cc: @BlackHatEvents #BHASIA25
Heading to Black Hat Asia now! @LTrampert and I will give a briefing about deanonymizing users not only on the web but also in their email clients! #BHASIA
Here comes another fantastic talk—get ready!
"Beauty at a Cost: Privacy Implications of CSS on the Web and in Emails.“ by @LTrampert and @weber_daniel.
🌐 #RuhrSec Website
https://t.co/JmInxVVm6o
📖 RuhrSec Program
https://t.co/9WEuzGwD0q
#itsecurity #itsicherheit
https://t.co/JE68XbHamM
Our newest research project is finally public! We can load malicious microcode on Zen1-Zen4 CPUs!
@____salmon____ @jan__reineke @misc0110 @CISPA In "No Leakage Without State Change", we propose to shift away from monitoring entire systems for malicious processes towards enabling high-profile processes to monitor their own behavior to detect the influences of microarchitectural attacks.
Details: https://t.co/HYlfOdDwSn
Super excited to present our (L. Niemann, @____salmon____, @jan__reineke, @misc0110) newest paper at #ACSAC2024! We show how modern CPU hardware can be leveraged to stop side-channel attacks almost instantly (~200 CPU cycles)!
Code/Paper: https://t.co/EEBfQ3uFTC
The first #ACSAC2024 #PaperPreview today is by Weber et al., who show that HW features can be used to stop #SideChannel #attacks almost immediately by monitoring the victim: https://t.co/rlSGoFl6su
#cybersecurity
@weber_daniel @____salmon____ @jan__reineke @misc0110 @cispa
Last Seen Users on Sotwe
Arzular Şelale
Seen from Turkey
Yusif
crotdidalem
Seen from Malaysia
فحل زوجتك
Seen from Algeria
AdaniiYourDaddy😈👄
Seen from Malaysia
Basoka
Seen from Indonesia
肥肥肥海
Seen from Japan
آلُـِـِِـِِِـِِـِـڛـ,ـفُـ,ـآحـًـًًـًًًـًًـًـح
Seen from Switzerland
🔞Andrajosa🎪 Working on COMMS!✍️✨
Seen from Canada
MERTUA IDOLAKU
Seen from Singapore
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers