Sitel Amin of ARM has a new blog post about ARM-based mobile security technologies:

We are in the middle of a security arms race on devices. It is a never-ending cycle where hackers will think of new ways to find vulnerabilities and where we in the industry constantly try to stay one step ahead with innovations that lead to better and stronger security. […]

https://community.arm.com/developer/ip-products/security/b/security-ip-blog/posts/security-on-devices

Some BlackHat presentations are starting to become available to the public:

Our slides got published https://t.co/niAlnF2sq8 #Blackhat2019 #BHUSA #csme @hasarfaty https://t.co/9rb7Vvb1PF

— Yanai Moyal (@yanaimoyal) August 9, 2019

Slides for my talk with @BenBlaxill "PicoDMA: DMA Attacks at Your Fingertips" are up on speakerdeck (and should be on BH site as well): https://t.co/baoilBMWdV
Thanks to all that attended and @UlfFrisk and @securelyfitz for inspirational research in this space

— PartyTime.EXE (@PartyTimeDotEXE) August 8, 2019

Slides for our #BHUSA2019 talk "Breaking Through Another Side: Bypassing Firmware Security Boundaries from Embedded Controller" by Alex Gazet and @matrosov at https://t.co/jEvZ1afwAt

— Airbus Security Lab (@AirbusSecLab) August 8, 2019

Reading Inside The Apple T2 by @sirus & @jlericks …https://t.co/6Ena8aGSad [PDF] pic.twitter.com/1DRxsxZNwH

— Yuriy Bulygin (@c7zero) August 10, 2019

This is the white paper of my BH topic. It contains the details of the six bugs we mentioned. https://t.co/gC8qXI9MjP

— lilang wu (@Lilang_Wu) August 9, 2019

The perfect work about Apple T2 by @sirus and @jlericks: https://t.co/u2ekBQwz3u

— Maxim Goryachy (@h0t_max) August 10, 2019

Looking for Briefings Slides and White Papers? Presentation materials provided by speakers will be made available at the end of each day on the Black Hat website. Presentations can be downloaded here: https://t.co/zPkU6TaNIS

— Black Hat (@BlackHatEvents) August 8, 2019

https://www.blackhat.com/us-19/briefings/schedule/

Not yet on: https://www.blackhat.com/html/archives.html

Just updated my https://t.co/8PsbvKroeD repository 🙂 Now it adds AVBv2 recovery support for systemless-root (as there is no more ramdisk in boot)

— Bjoern Kerler (@viperbjk) August 9, 2019

Boot to root 🙂 Converts stock boot images and adds hidden root (accessible via netcat session), patches selinux and adds adb. Tested with Android 4.x – 9.x.

https://github.com/bkerler/android_universal

oreboot: coreboot without the C (written in @rustlang) https://t.co/0nVkM8weUR

— Tony "Abolish ICE" Arcieri 🦀🌹 (@bascule) August 9, 2019

https://github.com/oreboot/oreboot

oreboot is a downstream fork of coreboot, i.e. oreboot is coreboot without ‘c’. oreboot will only target truly open systems requiring no binary blobs. oreboot is mostly written in Rust, with assembly where needed. oreboot currently only plans to support LinuxBoot payloads.

LLDBFuzzer: Debugging and Fuzzing the Apple Kernel with LLDB Script https://t.co/bDizCkWZan

— Nicolas Krassas (@Dinosn) August 9, 2019

Hmm, I can’t find the source code, just a blog and a PDF. Maybe I missed it…

[…] To help security researchers, we have developed LLDBFuzzer, which is based on the LLVM Project’s next-generation debugger called Low Level Debugger (LLDB). We tested LLDBFuzzer on a MacPro’s AMD graphic drivers. These drivers are used to accelerate and optimize 2D, 3D and video rendering, and they contain many interfaces that the user space can access; these features make them a good target for LLDBFuzzer. LLDB is not suitable for debugging low-level kernel components, but it can debug almost all the kernel extensions and XNU codes after the required hardware is operational. Based on these features, this is the novel fuzzing architecture of LLDBFuzzer […]

https://blog.trendmicro.com/trendlabs-security-intelligence/lldbfuzzer-debugging-and-fuzzing-the-apple-kernel-with-lldb-script/

pciutils.efi is a UDK/EDK2 porting of the GNU’s pciutils for the handy PCI tools: lspci and setpci[…]

https://github.com/timotheuslin/pciutils.efi

Requires PUG to build: https://github.com/timotheuslin/PugPkg

See-also: https://github.com/pciutils/pciutils

Plato has written a new tool to his collection of BIOS Utilities:

https://github.com/platomav/BIOSUtilities

I have written a new utility called Dell PFS BIOS Extractor. Basically a python version of @NikolajSchlej PFSExtractor-RS with a few extra features & blink. You can find it at my Various BIOS Utilities for Modding/Research repository, BSD licensed. https://t.co/8CSPFyyoBG pic.twitter.com/WddjxCFXLv

— Plato Mavropoulos (@platomaniac) August 7, 2019

https://github.com/platomav/BIOSUtilities/tree/master/Dell%20PFS%20BIOS%20Extractor

Inspired from https://github.com/LongSoft/PFSExtractor-RS by Nikolaj Schlej

Re: https://firmwaresecurity.com/2019/03/27/automating-firmware-security-with-fwanalyzer/

We also release the code today at https://t.co/iYwlZdFVjc #BHUSA2019 https://t.co/CBP1TfO7V0

— Collin Mulliner (@collinrm) August 7, 2019

The main idea of FwAnalyzer is to provide a tool for rapid analysis of filesystem images as part of a firmware security Q&A check suite. FwAnalyzer takes a configuration file that defines various rules for files and directories and runs the configured checks against a given filesystem image. The output of FwAnalyzer is a report, which contains the list of files that violate any of the rules specified in the configuration. The report further contains meta information about the filesystem image and, if configured, information extracted from files within the analyzed filesystem. The report is formatted using JSON so it can be easily integrated as a step in a larger analysis.

https://github.com/cruise-automation/fwanalyzer

https://www.fwanalyzer.io/

AMD updated: “AMD64 Architecture Programmer’s Manual Volume 2: System Programming” in July 2019. The last update was back in September 2018. Changes:
3.31 Added CLWB and WBNOINVD details.
Clarified FP error pointer save/restore behavior.
Corrected description of APIC Software Enable functionality.
Clarified canonical address checking behavior.
Clarified fault generation for instructions that cross page or segment boundaries.

Click to access 24593.pdf

How to Start IoT device Firmware Reverse Engineering? https://t.co/uuyJoidznV

— Nicolas Krassas (@Dinosn) August 5, 2019

IoT device Firmware Reverse Engineering is a process to understand the device architecture, functionality and vulnerabilities present in the device incorporating different methods. Firmware is a piece of code written for specific hardware to perform different operations and control the device. In this blog, we will learn how to access the file system of a TP-Link Router TL-WR841N.[…]

How to Start IoT device Firmware Reverse Engineering?

w0w, uniFuzzer combines LibFuzzer with Unicorn to fuzz closed source binaries, including Arm & Mips code! #UnicornInsidehttps://t.co/u4jF9dhJ22

— Unicorn Engine (@unicorn_engine) August 1, 2019

[…]uniFuzzer is a fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer. Currently it supports fuzzing 32-bits LSB ELF files on ARM/MIPS, which are usually seen in IoT devices.[…]

https://github.com/rk700/uniFuzzer

http://galaxylab.com.cn/%e5%9f%ba%e4%ba%8eunicorn%e5%92%8clibfuzzer%e7%9a%84%e6%a8%a1%e6%8b%9f%e6%89%a7%e8%a1%8cfuzzing/

Just released version 3.0 in time for #BHUSA. Major changes include
– addition of PDF reports
– new extraction concept that also works standalone
– Plugins can now also be run on single fileshttps://t.co/GzGLqrBe6u

— FACT_core (@FAandCTool) July 31, 2019

https://github.com/fkie-cad/FACT_core/releases/tag/3.0

https://github.com/fkie-cad/FACT_core

https://www.blackhat.com/us-19/arsenal/schedule/index.html#fact–firmware-analysis-and-comparison-tool-15216

VirtualBox 6.0.10 has improved UEFI Secure Boot support:

Linux hosts: support UEFI secure boot driver signing on Ubuntu and Debian hosts (bug #11577)

https://www.virtualbox.org/ticket/11577

A cool basic BIOS emulator: Unicorn-Bios. #UnicornInsidehttps://t.co/Fx5dffkVjI pic.twitter.com/jZERqW44Af

— Unicorn Engine (@unicorn_engine) July 30, 2019

https://github.com/macmade/unicorn-bios

By Oscar Toledo Gutierrez

A crash course into 8086/8088 assembler programming, in an easy way with practice at each step. You will learn how to use the registers, move data, do arithmetic, and handle text and graphics. You can run these programs on any PC machine and no program exceeds 512 bytes of executable code! The example programs include:

• Guess the number.
• Tic-Tac-Toe game.
• Text graphics.
• Mandelbrot set.
• F-Bird game.
• Invaders game.
• Pillman game.
• Toledo Atomchess.
• bootBASIC language.

http://www.lulu.com/shop/oscar-toledo-gutierrez/programming-boot-sector-games/paperback/product-24188564.html

[…]Does driver, BIOS/UEFI and firmware updates[…]

https://github.com/jantari/LSUClient

The slides and video of this webinar are now available.

Click to access UEFI%20Forum%20Redfish%20Webinar_Presentation%20Slides.pdf