North Korean Hackers Target Cybersecurity Researchers with Trojanized IDA Pro

Lazarus, the North Korea-affiliated state-sponsored group, is attempting to once again target security researchers with backdoors and remote access trojans using a trojanized pirated version of the popular IDA Pro reverse engineering software. The findings were reported by ESET security researche...

Hacking the Sony Playstation 5

I just dont think its possible to create a hack-proof computer system, especially when the system is physically in the hands of the hackers. The Sony Playstation 5 is the latest example: Hackers may have just made some big strides towards possibly jailbreaking the PlayStation 5 over the weekend,...

Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor (PRM) Model 3120 Encryption Error Vulnerability

The Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor PRM Model 3120 is a portable cardiac rhythm management Crm programming system from Boston Scientific, Inc. The Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor PRM Model 3120 is vulnerable to an encryption error that could...

Extracting type information from Go binaries

During the 2021 edition of the SAS conference, I had the pleasure of delivering a workshop focused on reverse-engineering Go binaries. The goal of the workshop was to share basic knowledge that would allow analysts to immediately start looking into malware written in Go. A YouTube version of the...

nightmare

This is a course on binary exploitation and reverse engineering, specifically targeting Linux systems. The course is designed to be a comprehensive guide to learning binary exploitation and reverse engineering, with a focus on hands-on exercises and real-world examples. The course covers a range ...

Hardcoded credentials

An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password...

CVE-2021-38400 Use of Password Hash with Insufficient Computational Effort for Boston Scientific Zoom Latitude

An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password...

CVE-2021-38400

CVE-2021-38400 affects Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor (PRM) Model 3120. Vulnerability: password hash stored/used with insufficient computational effort, allowing a physically proximate attacker with access to remove the device’s hard drive or craft a USB to extract th...

CVE-2021-38394 Missing Protection against Hardware Reverse Engineering Using Integrated Circuit Imaging Techniques for Boston Scientific Zoom Latitude

An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware key. The hardware key allows access to special settings when inserted...

CVE-2021-38394

CVE-2021-38394 pertains to Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120. The EUVD/CNNVD and ICS-CISA sources in the connected set describe a vulnerability: missing protection against hardware reverse engineering using IC imaging techniques, enabling an attacker with phys...

efiXplorer - IDA Plugin For UEFI Firmware Analysis And Reverse Engineering Automation

efiXplorer - IDA plugin for UEFI firmware analysis and reverse engineering automation Supported versions of Hex-Rays products: everytime we focus on last versions of IDA and Decompiler because we try to use most recent features from new SDK releases. That means we tested only on recent versions o...

Fedora: Security Advisory for radare2 (FEDORA-2021-d206891379)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for iaito (FEDORA-2021-d206891379)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for iaito (FEDORA-2021-c1a0dc39b4)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for iaito (FEDORA-2021-55198e6804)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Boston Scientific Zoom Latitude

1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION: Low attack complexity Vendor: Boston Scientific Equipment: ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120 Vulnerabilities: Use of Password Hash with Insufficient Computational Effort, Missing Protection Against Hardware Reverse Engineering Using...

[SECURITY] Fedora 33 Update: iaito-5.3.1-3.fc33

iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...

[SECURITY] Fedora 34 Update: iaito-5.3.1-3.fc34

iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...

[SECURITY] Fedora 34 Update: radare2-5.4.0-1.fc34

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

ctf

It is an offensive tool for reverse engineering. The repository contains a binary decompiler for a "Magic Word" challenge, which appears to be a reverse engineering exercise. The code is written in C++ and utilizes the basicstring class from the C++ Standard Library. The decompiled main function ...