Apple SEAR is hiring offensive security researchers!

We’re looking for talented researchers across multiple areas of security.

Check out the job description here:
https://jobs.apple.com/en-us/details/200623813-2911/offensive-security-researcher?team=SFTWR

If you’re interested in low level systems like RTOS, firmware, coprocessors, embedded components, or microkernels, my team would especially like to hear from you.

Feel free to reach out if you have any questions.

#infosec

"Challenges and Pitfalls while Emulating Six Current Icelandic Household Routers"

Evaluation of different tools for routers firmware emulation
(FACT, QEMU, EMUX, Qiling, Firmadyne, FAT, FirmAE, Pandawan, and EMBA)

https://skemman.is/bitstream/1946/50456/1/Challenges_and_Pitfalls_while_Emulating_Six_Current_Icelandic_Household_Routers.pdf

#cybersecurity #embedded

"My Emulation Goes to the Moon... Until False Flag" by Retooling

Exploring the re-implementation of APT41 Scatterbrain's obfuscation

https://retooling.io/blog/my-emulation-goes-to-the-moon-until-false-flag

#malware #cybersecurity

"Compromise of Fuse Encryption Key for Intel Security Fuses"

https://swarm.ptsecurity.com/last-barrier-destroyed-or-compromise-of-fuse-encryption-key-for-intel-security-fuses/

#infosec #intel

Beginners introduction to Fault Injection (voltage glitching) attacks (esp32)

https://security.humanativaspa.it/fault-injection-down-the-rabbit-hole/

#hardware #cybersecurity

Exploiting uc-httpd to achieve RCE

https://modzero.com/en/blog/roping-our-way-to-rce/

#infosec

"CTF" challenge introducing Linux kernel exploitation

https://gum3t.xyz/posts/a-gau-hack-from-euskalhack/

#infosec #Linux

Bypass Linux kernel isolation technique using BPF infrastructure

https://cs.brown.edu/~vpk/papers/epf.atc23.pdf

#Linux #cybersecurity

Bypassing UART protection in TL-WR841N home router

https://iotsrg.org/blog/unlocking-full-shell-functionality-uart-rx-mitigation-bypass-on-tl-wr841n

#iot #infosec

KernelSnitch: Generic software side-channel attack targeting Linux kernel data structures

https://lukasmaar.github.io/papers/ndss25-kernelsnitch.pdf

#infosec #Linux

PUMAKIT malware analysis (dropper, memory-resident executables, LKM rootkit module and a shared object userland rootkit)

https://www.elastic.co/security-labs/declawing-pumakit

#infosec #malware

Analysis of capabilities and communication channels used by IOCONTROL IoT/OT malware

https://claroty.com/team82/research/inside-a-new-ot-iot-cyber-weapon-iocontrol

#cybsersecurity

Bypass Linux kernel isolation technique by abusing the BPF infrastructure

https://cs.brown.edu/~vpk/papers/epf.atc23.pdf

#Linux #cybersecurity

Collection of write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitation

https://github.com/0xor0ne/awesome-list/blob/main/topics/cybersec.md

#infosec #cybersecurity

Creating Ghidra data types from header files

Part 1: https://medium.com/@clearbluejar/everyday-ghidra-ghidra-data-types-when-to-create-custom-gdts-part-1-143fe45777eb

Part 2: https://medium.com/@clearbluejar/everyday-ghidra-ghidra-data-types-creating-custom-gdts-from-windows-headers-part-2-39b8121e1d82

#ghidra #infosec

Exploiting Linux kernel io_uring subsystem (2022)

https://www.starlabs.sg/blog/2022/06-io_uring-new-code-new-bugs-and-a-new-exploit-technique/#unlinking-attack

#infosec #Linux

Great series on Linux privilege escalations

https://tbhaxor.com/linux-privilege-escalation/

#infosec #Linux

GreatiIntroduction to Adversarial Machine Learning Attacks

https://boschko.ca/adversarial-ml/

#infosec #machinelearning

Introduction to process injection in Linux

https://www.akamai.com/blog/security-research/the-definitive-guide-to-linux-process-injection

Credits Ori David

#infosec #linux

UART RX Mitigation Bypass on home routers (TL-WR841N)

https://www.iotsrg.org/blog/unlocking-full-shell-functionality-uart-rx-mitigation-bypass-on-tl-wr841n

#embedded #infosec