🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

The first ever end-to-end cross-process Spectre exploit? I worked on this during an internship with grsecurity! An in-depth write-up here: grsecurity.net/cross_process_…

After a long hiatus, it looks like I can finally hire a summer intern. While I have a couple of problems in mind, I always try to stay open to new ideas. (1/4)

💡 Michele Marazzi found that existing studies could contain errors as high as 175x 😲 estimating the impact of the proposed changes in #DRAM design, highlighting a critical gap in understanding 👉 hardwear.io/netherlands-20… #hw_ioNL2024

hardwear.io With the help of great collaborators! Please check the full project at comsec.ethz.ch/research/dram/…

In less significant news, we have an open PhD position in COMSEC at ETH. We like low-level hw/sw with a security twist (think CPU/DRAM/RTL/browser/kernel). If you enjoy collaboration and want to see how deep the rabbit hole goes, send us your application! jobs.ethz.ch/job/view/JOPG_…

amd.com/en/resources/p…

1996: "Smashing The Stack For Fun And Profit" was published in the hacker zine, Phrack. The article by Elias Levy (aka Aleph One) introduced many to stack buffer overflow vulnerabilities and how to exploit them.

Got some negative or unrealistic threat model results that still bring interesting insights? A side channel that requires root to leak something from the kernel? Reproducing prior work? Somewhat related to microarchitecture? Here's your venue: uasc.cc

welp, it looks like an OEM leaked the patch for "AMD Microcode Signature Verification Vulnerability" 🔥 The patch is not in linux-firmware, so this is the only patch available😡

github.com/google/securit… Our newest research project is finally public! We can load malicious microcode on Zen1-Zen4 CPUs!

Here are the details about the AMD Signature verification vulnerability we worked on, Enjoy! bughunters.google.com/blog/542484235…

🔨 Posthammer (USENIX Sec '25) brings Rowhammer back in the browser! What if visiting a website was enough to trigger a Rowhammer attack? Posthammer shows how to bring non-uniform Rowhammer patterns into the browser. More information: 📄comsec.ethz.ch/posthammer

Spectre v2 is back again! Disclosing "Training Solo": 3 new self-training attack classes, 2 end-to-end exploits, and 2 new hardware issues that break domain isolation even when implemented perfectly. Joint work by Sander Wiebing Cristiano Giuffrida: vusec.net/projects/train…

long embargo, but there is a demo with good music at least: youtu.be/jrsOvaN7PaA

Happy to announce that the paper about IBPB problems that included the first real cross-process Spectre exploit just got a distinguished paper award at IEEE S&P! Dr. johannes now has two of these awards in his thesis. What will he do next?!

The recording of our OffensiveCon presentation about EntrySign is live! youtu.be/sUFDKTaCQEk Slides at entrysign.top Eduardo Vela spq

I am chairing the second edition of the microarchitecture security conference (uASC'26). Paper deadline for the first cycle is July 15. Please spread the word, submit, and/or join us in charming Leuven in February 2026! More info: uasc.cc

🚨 New Rowhammer paper 🔨 Our latest work McSee reveals that Intel & AMD CPUs don't use DDR5's RFM cmds 🚫 and Intel uses pTRR on client CPUs 💥 Meet McSee, our oscilloscope-based platform that exposes hidden DDR4/5 behaviors 🧐 👉 comsec.ethz.ch/mcsee #Rowhammer #Security

Join the Graz Security Week from Sep 1 to 5! with Sahar Abdelnabi 🕊 (on 🦋), Jo Van Bulck, Maria Eichlseder, Georg Fuchsbauer, David Oswald, Fabio Pierazzi, Kav, Christian Rossow (@[email protected]), Yang Zhang on topics system security, side channels, AI Security, and Cryptography: securityweek.at