Reminder: OSFF ByteTalks Vol. 1 "Intel FSP Customization - Remove non mandatory components in the Intel FSP" is happening Thursday: 9.00am PT, 6pm CET, 10.30pm IST. Check out all the details here: osfw.foundation/events/bytetal…

vincent zimmer and Subrata Banik talking about "Intel FSP Customizations" live now on Open Source Firmware Foundation ByteTalks. Join in via osfw.foundation/events/bytetal… or watch the recording later on!

Today there will be a public OSFF call. If you like to join in, check out the details at osfw.foundation/events/public-… See you there!

Proud of the team! We deployed generic IFUNC implantation detection in less than 24 hours with close to zero false positives. This demo shows our binary code intelligence engine in action by detecting the implantation of a backdoor in the crc64_resolve() function. This

Two more days until Volume 2 of OSFF ByteTalks. This time we invited Daniel Maslowski aka CyReVolt 🐢, and he introduces us into the topic: "From Hardware Design to Rich OS with No Code". Mark it in your calendars, May 2nd, 09.00AM PT, 06.00PM CET, 10.30PM IST More infos: osfw.foundation/events/bytetal…

We had an incredible time at #RSAC with the @Binarly_io team! 🤙 This year's RSAC demonstrated how AI is swiftly adding layers of complexity to all existing software stacks, thrusting supply chain security into the spotlight. New types of threat actors who defy conventional TTPs

The state of the system firmware security requires a significant secure-by-design push. 🔥BRLY-DVA-2023-027: AMI SMM arbitrary code execution CVSS: High github.com/binarly-io/Vul… 🔥BRLY-DVA-2023-028: AMI SMM memory corruption vulnerability CVSS: High github.com/binarly-io/Vul…

#Scholarships available! #OSFC2024 💪 You still have time to apply for our scholarship program. Attendee Scholarship: bit.ly/OSFC24SCHOLARS… And in the #CFP application process you can find more information about the speaker scholarship program: talks.osfc.io/osfc-2024/

A few days left to submit your talk for #OSFC2024 talks.osfc.io

"PKFAIL: Supply-Chain Failures in Secure Boot Key Management" -- coming to @LABScon_io 🎉 👏Kudos to Binarly REsearch Team! /cc Fabio Pagani Alex Matrosov Something in the air, stay tuned🍿

🚨New! "PKFail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem." #PKfail is a supply-chain issue affecting x86/ARM devices around the globe. Blog: binarly.io/blog/pkfail-un… Full report: …222483.fs1.hubspotusercontent-na1.net/hubfs/22222483… A free scanning tool: pk.fail

Try risk.binarly.io Risk scanner based on the same Binary Intelligence engine as our Transparency Platform.

It’s happening now, you have a chance to catch #PKfail and #LogoFAIL stickers 🤘

The question is whether this key is reused (like the Intel Boot Guard story) across the Intel ecosystem or rotates per CPU generation or product line🍿 Confidential computing? 🔥

🚨 #PKfail has been assigned CVE-2024-8105. Today, CERT/CC also published VU#455367: kb.cert.org/vuls/id/455367 Full story: binarly.io/pkfail Detection tool: risk.binarly.io youtube.com/watch?v=CveWt3…

We believe in giving back to the research community that drives progress! We are proud to support OpenSecurityTraining2 in advancing security education and knowledge sharing.

🎉 The all-new Binarly Transparency Platform v2.5 introduces Reachability Analysis to help security teams prioritize vulnerabilities by analyzing the potential reach and impact of exploitable code paths. A game-changer in software security! binarly.io/blog/introduci…

Vendors often emphasize their strong commitment to vulnerability resilience and a secure-by-design philosophy. However, achieving these goals is incredibly challenging when you don’t have control over the entire ecosystem and simply build on top of it.