Re-posting important Lectures and preserving them
While the intention is to cover a wide array of topics eventually.
For now, this channel is mostly dedicated to a more unknown and misunderstood category of exploiting computer systems: Device and Hardware Exploites. Mostly affiliated with state actors and nothing you should be worried about from a risk analyses and mitigation strategy. Whether you agree or not, the same mechanisms and vulnerability types have been exploited for decades.
Overall “company transparency”, “public disclosures” aren't made often for this class of exploits. Neither do the researchers like or allowed to fully share their findings. The rare news headlines and small articles by the related press mostly fail to deliver any useful details or info related to this category. But sometimes something comes out. And you see the same patterns and methods over and over again.
Here I try to shine a (boring) light on the exploits and try to provide you with publicly available info for you to analyse, test and (ab)use on your hardware(of course), to learn what might be going on.
General topics covered are.
- Hardware and firmware related vulnerabilities (Intel, AMD, Arm)
- UEFI and Firmware Exploits
- Rootkits, supply chain attacks (hardware and software or both), Pwning secure bootloaders, exfiltrating or leaking kernel data.
- Government, company and lazy programming caused backdoors.
- Other interesting stuff
I may also cover different topics I find intriguing.