All Research
Take a deep dive into the latest developments, emerging threats and approaches to remediation
November 29, 2024, Binarly REsearch
LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux
Binarly researchers find a direct connection between the newly discovered Bootkitty Linux bootkit and exploitation of the LogoFAIL image parsing vulnerabilities reported more than a year ago
October 8, 2024, Alex Matrosov
Meet Binary Risk Hunt: A Free Vulnerability Scanner With SBOM Generation
Binarly releases Binary Risk Hunt, a free vulnerability scanner with a software bill of materials generator.
September 26, 2024, Binarly Research Team
CVE-2024-36435 Deep-Dive: The Year’s Most Critical BMC Security Flaw
This vulnerability got our attention for many reasons: first, the vendor agreed on the critical impact; second, the nature of the vulnerability, where an unauthenticated user can remotely trigger the code flow with a simple POST request and cause arbitrary code execution via a classic stack overflow (CWE-121).
September 19, 2024, Binarly REsearch
Repeatable Failures: Test Keys Used to Sign Production Software…Again?
After discovering PKFail, the Binarly REsearch team went on the hunt for other instances of non-production test keys being used in firmware binaries. In this case, non-production test keys were originally generated by reference implementation vendors sitting at the top of the supply chain and then propagated to downstream vendors which often failed to replace them.
September 16, 2024, Fabio Pagani
PKfail Two Months Later: Reflecting on the Impact
In this blog, we dive deeper into newly discovered data points gathered from our free detection service pk.fail and major vendor acknowledgements and developments since the initial disclosure of PKfail in July.
September 4, 2024, Alex Matrosov
Introducing Binary Reachability Analysis [Binarly Transparency Platform v2.5]
Binarly Unveils Transparency Platform 2.5 with Advanced Reachability Analysis
July 25, 2024, The Binarly REsearch Team
PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem
PKfail is a zero day disclosure detected by the Binarly REsearch Team. PKfail is a firmware supply-chain issue affecting hundreds of device models in the UEFI ecosystem. The problem arises from the Secure Boot "master key," known as the Platform Key (PK) in UEFI terminology, which is untrusted because it is generated by Independent BIOS Vendors (IBVs) and shared among different vendors.
June 19, 2024, Alex Matrosov
Blind Trust and Broken Fixes: The Ongoing Battle with LogoFAIL Vulnerabilities
In this follow-up research 6 months after public disclosure of LogoFAIL, we dive deeper into the shallow waters of the firmware supply chain confusion and the blind trust in the reference code and firmware developers. The Binarly Transparency Platform detects unfixed devices daily.
May 8, 2024, Binarly REsearch
Framework + Binarly = Securing Sustainable Electronics
In this video, Kieran Levin, lead system architect at Framework describes how their partnership with Binarly allows them to audit and validate their firmware and software supply chain across ODM and IBV vendors.
April 23, 2024, Alex Matrosov
Next Gen Binary Risk Intelligence: Introducing Binarly Transparency Platform v2.0
We've incorporated a year of research and feedback into Binarly Transparency Platform v2
April 11, 2024, Binarly REsearch
How an old bug in Lighttpd gained new life in AMI BMC, including Lenovo and Intel products
The Binarly Research Team shows crucial risks that affect the security of the BMC firmware supply chain ecosystem. We’ve assigned three Binarly identifiers: BRLY-2024-002, BRLY-2024-003, and BRLY-2024-004.
April 1, 2024, Binarly Research Team
XZ Utils Supply Chain Puzzle: Binarly Ships Free Scanner for CVE-2024-3094 Backdoor
On March 29, right before Easter weekend, we received notifications about something unusual happening with the open-source project XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux.
March 26, 2024, Alex Matrosov
Software Supply Chain Security Leader Binarly Closes $10.5 Million Financing
From day one, we founded Binarly to truly solve the software supply chain security problem. It’s become quite clear that existing solutions and approaches aren’t working...
February 8, 2024, Binarly Research Team
The Dark Side of UEFI: A technical Deep-Dive into Cross-Silicon Exploitation
Uncover the UEFI's dark side with a groundbreaking study on Cross-Silicon Exploitation. Explore ARM's impact on UEFI security in this technical dive.
January 30, 2024, Binarly Research Team
Inside the LogoFAIL PoC: From Integer Overflow to Arbitrary Code Execution
BINARLY LogoFAIL: Learn how a firmware parser flaw can jeopardize device security.
January 24, 2024, Alex Matrosov
Protecting Software Supply Chains: Binarly’s 2023 in Review
Discover how BINARLY revolutionized software supply chain protection in 2023 with groundbreaking discoveries like LogoFAIL
December 14, 2023, Binarly Research Team
Old But Gold: The Underestimated Potency of Decades-Old Attacks on BMC Security
Uncover the underestimated potency of decades-old attacks on BMC Security. Learn how BINARLY exposes critical risks for remote server control.
December 6, 2023, Binarly Research Team
Finding LogoFAIL: The Dangers of Image Parsing During System Boot
LogoFAIL by BINARLY: Discover the impact of image parsing vulnerabilities on system boot. Learn about LogoFAIL risks across UEFI firmware systems. Stay informed!
November 29, 2023, Binarly Research Team
The Far-Reaching Consequences of LogoFAIL
LogoFAIL by BINARLY: Discover how vulnerable image parsing impacts device manufacturers in the UEFI firmware ecosystem. Learn about critical LogoFAIL consequences.
November 8, 2023, Binarly REsearch
Dissecting Intel’s Explanation of Key Usage in Integrated Firmware Images (IFWI)
Uncover insights into key misuse in integrated firmware images with BINARLY's analysis of Intel's explanation. Discover the impact on the software supply chain.
October 3, 2023, Binarly Research Team
Binarly REsearch Uncovers Major Vulnerabilities in Supermicro BMCs
Uncover Major Vulnerabilities in Supermicro BMCs. Dive into hidden attack surfaces and exploits found by BINARLY REsearch in Supermicro BMC IPMI firmware.
September 27, 2023, Alex Matrosov
A Silent Threat in Our Devices: The BlackTech Firmware Attacks
Protect Your Devices: Uncover the Stealthy BlackTech Firmware Threat - Latest findings from NSA, FBI, CISA & NISC. Stay informed & secure.
August 24, 2023, Binarly Research Team
A Fractured Ecosystem: Lingering Vulnerabilities in Reference Code is a Forever Problem
Uncover the challenges of lingering vulnerabilities in reference code within a fractured ecosystem. Learn how these issues impact supply chains.
July 20, 2023, Binarly efiXplorer Team
Leaked MSI source code with Intel OEM keys: How does this affect industry-wide software supply chain?
Uncover the impact of leaked MSI source code and Intel OEM keys on the software supply chain. Deep dive by BINARLY security experts. Implications revealed!
April 3, 2023, Binarly Team
Binarly Reports High-Severity AMD Vulnerabilities with Downstream Impact
Discover How BINARLY Reports High Severity AMD Vulnerabilities with Industry Impact | AMD Client Vulnerabilities Revealed - BINARLY Research Team's Findings.
March 22, 2023, Alex Matrosov
Scalable Vulnerability Analysis Requires Automation
Discover why scalable vulnerability analysis demands automation. Learn about critical firmware-specific vulnerabilities, like BatonDrop (CVE-2022-21894), affecting Microsoft Windows bootloaders.
March 3, 2023, Alex Matrosov
The Untold Story of the BlackLotus UEFI Bootkit
Uncover the secrets of the Black Lotus UEFI Bootkit. Explore the history and challenges of detecting and analyzing rootkits and bootkits. Dive into the world of advanced threat analysis.
December 20, 2022, Binarly efiXplorer Team
efiXplorer: Hunting UEFI Firmware NVRAM Vulnerabilities
Explore UEFI firmware vulnerabilities with efiXplorer v5.2 [Xmas Edition]. Enhance your code analysis and SMM call-out detection capabilities. Upgrade now!
December 8, 2022, Binarly Research Team
Firmware Patch Deep-Dive: Lenovo Patches Fail to Fix Underlying Vulnerabilities
Uncover the ongoing security risks in Lenovo's firmware patches. Explore why CVE-2022-3430 and CVE-2022-3431 remain unaddressed despite official disclosure.
November 17, 2022, Binarly Team
OpenSSL Usage in UEFI Firmware Exposes Weakness in SBOMs
Uncover vulnerabilities in UEFI firmware with insights on OpenSSL updates & SBOMs. Discover the impact on supply chain security. Stay informed.
November 9, 2022, Binarly Team
Leaked Intel Boot Guard keys: What happened? How does it affect the software supply chain?
Understand the repercussions of leaked Intel Boot Guard keys. Discover how it can impact the software supply chain. Stay informed with our insightful analysis.
October 13, 2022, Binarly Research Team
Binarly Expands Leadership Team With Veteran Cybersecurity Executives
Elevate enterprise firmware security with BINARLY's expert leadership team. Industry veterans from BlackBerry and Dragos join forces for enhanced protection.
October 5, 2022, Binarly Team
New Attacks to Disable and Bypass Windows Management Instrumentation [LABSCon Edition]
Discover new attacks to bypass and disable Windows Management Instrumentation in the LABSCon Edition. Learn about the 'one-bit change attack' and its impact on endpoint security solutions.
October 4, 2022, Binarly Research Team
LABScon 2022: Binarly Discloses High-Impact Firmware Vulnerabilities In Insyde-Based Devices
Discover high-impact firmware vulnerabilities in Insyde-based devices in the 2022 LABScon report. Learn more about these critical findings today.
September 30, 2022, Binarly Research Team
ARM-based Firmware Support in New efiXplorer v5.0 [LABScon Edition]
Explore ARM-Based Firmware Support in efiXplorer v5.0 LABScon Edition. Upgrade your UEFI analysis with BINARLY's latest tool for in-depth research.
September 12, 2022, Binarly Research Team
Binarly Discovers Multiple High-Severity Vulnerabilities in AMI-based Devices
Unlocking the Secrets: BINARLY Reveals High Severity Vulnerabilities in AMI Based Devices. Explore our eye-opening research findings now!
September 8, 2022, Binarly Research Team
Binarly Finds Six High Severity Firmware Vulnerabilities in HP Enterprise Devices
Discover how BINARLY uncovered 6 critical firmware vulnerabilities in HP Enterprise devices. Insights on the latest security findings await you.
September 7, 2022, Binarly Team
Using Symbolic Execution to Detect UEFI Firmware Vulnerabilities
Discover how symbolic execution uncovers UEFI firmware vulnerabilities with BINARLY's expert efiXplorer team. Elevate your bug detection game today!
August 23, 2022, Binarly Research Team
Black Hat 2022: Blasting Event-Driven Cornucopia - WMI edition
Uncover cutting-edge insights into firmware vulnerabilities and persistence methods at the Black Hat 2022 Blasting Event - WMI edition. Dive in now!
August 16, 2022, Binarly efiXplorer Team
Black Hat 2022: The Intel PPAM attack story
Discover the dark world of firmware vulnerabilities and persistent cyber threats with Black Hat 2022. Unveiling the Intel PPAM attack story and more!
July 18, 2022, Binarly Team
FirmwareBleed: The industry fails to adopt Return Stack Buffer mitigations in SMM
Discover why the industry lags in implementing Return Stack Buffer mitigations in SMM firmware. Learn how to enhance security measures effectively.
June 22, 2022, Binarly Team
Firmware Supply Chain Company Binarly Raises $3.6 Million from Westwave Capital, Acrobator Ventures
Empower your firmware security with BINARLY - Innovating the supply chain with cutting-edge binary code analysis. Learn how we're reshaping cybersecurity!
May 2, 2022, Binarly Team
FwHunt The Next Chapter: Firmware Threat Detection at Scale
Transform firmware threat detection with BINARLY's scalable solution. Discover advanced binary code inspection for effective threat hunting.
March 21, 2022, Binarly Research Team
Repeatable Failures: AMI UsbRt - Six years later, firmware attack vector still affect millions of enterprise devices
Discover how BINARLY's Research Team is boosting enterprise device security with coordinated disclosures. Stay informed on patching Dell BIOS vulnerabilities.
March 8, 2022, efiXplorer Team
Repeatable Firmware Security Failures: 16 High Impact Vulnerabilities Discovered in HP Devices
Discover 16 high-impact firmware vulnerabilities in HP devices. Learn how BINARLY's security lab uncovered critical UEFI flaws affecting HP products today.
February 1, 2022, Binarly Research Team
An In-Depth Look at the 23 High-Impact Vulnerabilities
Discover 23 High-Impact Vulnerabilities in Independent BIOS Developer Software. Explore the critical security flaws affecting multiple vendors.
January 21, 2022, Binarly Team
A deeper UEFI dive into MoonBounce
Unlock the depths of UEFI with Kaspersky Lab's new discovery, MoonBounce. Explore this intriguing UEFI firmware threat and the world of APT malware.
December 27, 2021, Binarly Research Team
The Firmware Supply-Chain Security is broken: Can we fix it?
Uncover how the firmware supply chain security is at risk and explore solutions with BINARLY CEO's insights. Dive into the evolving threats.
November 15, 2021, Binarly Research Team
Design issues of modern EDRs: bypassing ETW-based solutions
Enhance firmware security with insights on modern EDR design flaws bypassing ETW-based solutions. Learn more from BINARLY experts at Black Hat Europe 2021.
September 14, 2021, Binarly Team
Detecting Firmware vulnerabilities at scale: Intel BSSA DFT case study
Discover how Intel efficiently detects firmware vulnerabilities at scale in this insightful BSSA DFT case study. Uncover key findings and strategies.
September 10, 2021, Binarly Research Team
Attacking (pre)EFI Ecosystem
Uncover critical findings on UEFI ecosystem vulnerabilities from Black Hat USA 2021. Discover key insights and solutions in safeguarding firmware supply chains.
August 20, 2021, Binarly Team
Firmware Supply Chain is Hard(coded)
Safeguarding UEFI Ecosystem: Discover why the Firmware Supply Chain is Hard(coded)! Dive into high-severity vulnerabilities & key findings presented at Black Hat USA 2021.
August 4, 2021, Binarly Team
The list of highest-rated books for Malware Analysts features “Rootkits and Bootkits”
Discover the top-rated books for Malware Analysts focusing on Rootkits and Bootkits. Learn from the experts on modern malware threats today!
August 2, 2021, Binarly Team
Why Firmware Integrity is Insufficient for Effective Threat Detection and Hunting
Enhance threat detection with more than just firmware integrity. Learn why relying solely on integrity checking may not suffice for effective security measures.
July 14, 2021, Alex Matrosov
Breaking through another Side: Bypassing Firmware Security Boundaries
Unlock secrets of firmware security bypass with this BlackHat 2019 research on embedded controller vulnerabilities in Lenovo Thinkpad BIOS. Learn more!
July 12, 2021, Alex Matrosov
Who Watches BIOS Watchers?
Discover how BIOS Watchers safeguard against vulnerabilities in Intel Boot Guard implementation. Unveil key insights from recent research at Black Hat Vegas.