BINARLY🔬

@binarly_io

Followers: 3,694
Following: 366
Media: 180
Statuses: 1,318

⛓️Binarly is the world’s most advanced automated software supply chain security platform.

Santa Monica, CA
Joined May 2019
Pinned Tweet
@binarly_io
BINARLY🔬
2 months
🚨New! "PKFail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem." #PKfail is a supply-chain issue affecting x86/ARM devices around the globe. Blog: Full report: A free scanning tool:
4
67
92
@binarly_io
BINARLY🔬
2 days
🏆Our REsearch team is proud to have stepped onto the @LABScon_io keynote stage for the third year! 🔐Huge shoutout to our speakers, @pagabuc and @matrosov, who presented “#PKFAIL: Supply-Chain Failures in Secure Boot Key Management.” 🔥slides:
0
6
10
BINARLY🔬 Retweeted
@matrosov
Alex Matrosov
2 days
Traditional static analysis tools will not help beyond simple SDLC cases. The CodeQL datalog approach is cool, but only a few people can develop valuable rules on it. Semgrep isn't very helpful beyond simple cases with its taint analysis limitations on C/C++ & performance issues.
2
5
10
BINARLY🔬 Retweeted
@matrosov
Alex Matrosov
4 days
IDAlib is the first idiomatic Rust bindings library for @HexRaysSA IDA SDK, helping go beyond C/C++ or Python in RE automation. Huge thanks to @xorpse for making it happen! Binarly team ❤️ Rust 🙌 🛠️use idalib::idb::*; 🦀
1
19
60
@binarly_io
BINARLY🔬
4 days
Our REsearch team is thrilled about the new IDA v9.0! #efiXplorer is fully compatible with v9.0 and still supports IDA v8.4🚀 🔬 We are thrilled to announce IDAlib — idiomatic Rust bindings for the IDA SDK 🎉 Kudos to @xorpse! ⚙️
0
13
59
@binarly_io
BINARLY🔬
5 days
🔐Update on #PKfail! Our detection service has scanned over 10,336 unique firmware images and detected 869 impacted instances — that’s 8.4%! All detected unique keys are now showcased on the service👇
0
6
10
BINARLY🔬 Retweeted
@dinodaizovi
Dino A. Dai Zovi
8 days
Good example of why your OOB management network that these BMC and IPMI interfaces are attached to is extremely security sensitive
3
11
30
BINARLY🔬 Retweeted
@matrosov
Alex Matrosov
8 days
💥PoC is now public!
target = "https://{ip_address}/cgi/login.cgi"
command = "touch /tmp/BRLY"
libc = 0x76283000 # we try to guess
gadget1 = 0x000D8874 # pop {r0, r1, r2, r3, fp, pc};
gadget2 = 0x001026D4 # mov r0, sp; blx r3;
system = 0x0003C4D4
2
86
248
@binarly_io
BINARLY🔬
9 days
🚨New! "CVE-2024-36435 Deep-Dive: The Year’s Most Critical BMC Security Flaw." 🔥Classic buffer overflow vulnerabilities resurface in BMCs, remotely opening the gates from the castle. 🏆Kudos to @AlexTereshkin for the initial discovery and disclosure!
1
36
90
BINARLY🔬 Retweeted
@Cisco_Invests
Cisco Investments
11 days
We're always on the hunt for innovative startups with game-changing solutions. Check out the companies w/cutting-edge tech, making sure @Cisco customers have the best tools to stay ahead and discover new business opportunities.👇 🔗 #CiscoInvests
0
3
8
BINARLY🔬 Retweeted
@matrosov
Alex Matrosov
13 days
Don’t miss your chance to be a part of such an amazing event focused on program analysis 🔬
0
7
17
BINARLY🔬 Retweeted
@SentinelOne
SentinelOne
15 days
⛓️ @binarly_io's @matrosov and @pagabuc unveiled PKFAIL, a critical firmware supply-chain issue affecting hundreds of devices due to vendors shipping default test keys. #LABScon24 📄 Read more about their research in a blog post published the same day:
1
5
12
BINARLY🔬 Retweeted
@labscon_io
LABScon
16 days
Binarly researchers Alex Matrosov and Fabio Pagani with some fresh details on the PKfail supply chain exposure @binarly_io @matrosov @pagabuc
0
8
30
@binarly_io
BINARLY🔬
16 days
NEW! Repeatable Failures: Test Keys Used to Sign Production Software…Again? 🔥Full details:
@matrosov
Alex Matrosov
16 days
🚨In just a few hours at #LABScon, we’ll be unveiling a high-impact vulnerability and a critical security discovery affecting platform trust on Supermicro servers. Stay tuned and watch our REsearch blog!
2
17
41
0
18
23
BINARLY🔬 Retweeted
@binarly_io
BINARLY🔬
1 month
We believe in giving back to the research community that drives progress! We are proud to support OpenSecurityTraining2 in advancing security education and knowledge sharing.
0
10
28
BINARLY🔬 Retweeted
@binarly_io
BINARLY🔬
18 days
📰 #PKfail making more industry-wide impact and news
0
3
6
BINARLY🔬 Retweeted
@matrosov
Alex Matrosov
17 days
More updates will be coming tomorrow at the #LABScon stage. The problems related to the test and non-production keys are much bigger than we initially thought.
0
11
13
BINARLY🔬 Retweeted
@binarly_io
BINARLY🔬
19 days
🚨NEW: "PKfail Two Months Later: Reflecting on the Impact." by @pagabuc Based on data 📈 🖥️10,095 unique firmware images uploaded 🔥791 of which contained an untrusted PK 🛟9304 are safe 💥8.5% vulnerable rate 🔬Full report:
1
8
16
BINARLY🔬 Retweeted
@matrosov
Alex Matrosov
19 days
Heading to #LABScon to present our latest REsearch with @pagabuc on #PKfail new data points and discoveries!
0
7
26