Check out our newly released Attack Surface Analyzer 2.0 – a great new version of our tool to identify potential security risks when installing new software. Now cross platform and on Github! https://t.co/kW9XVukdGI

— Tom Burt (@TomBurt45) May 16, 2019

https://www.microsoft.com/security/blog/2019/05/15/announcing-new-attack-surface-analyzer-2-0/

https://github.com/Microsoft/AttackSurfaceAnalyzer

[…]Attack Surface Analyzer 2.0 now runs on Windows, Linux, and macOS and is available as an open source project on GitHub. Attack Surface Analyzer 2.0 can help you identify potential security risks introduced by changes to an operating system’s security configuration by identifying changes in key areas, including: File System, User Accounts, System Services, Network Ports (listeners), System Certificate Stores, Windows Registry[…]

ATTENTION: I finally decide to share with all of you my last publication presented in #HITBAMS2019 y #HITBHaxpo. This new guide is called "The hacker's hardware toolkit" and I am fully sure you'll love it!https://t.co/pIHhoOzeiK pic.twitter.com/O7sKSBtVjW

— Yago Hansen (@yadox) May 16, 2019

“The best hacker’s gadgets for Red Team pentesters and security researchers.”

https://github.com/yadox666/The-Hackers-Hardware-Toolkit

A new Redfish tool:

This project provides a daemon that can be used to retrieve events from a Redfish Event Service. The DMTF Redfish standard defines a service that a client can post subscription requests to. Such request would outline what type of events the client is interested in. In the Fishminder project we only subscribe to events of the type Alert. The client would also need to tell the Event Service where to send the events. The Event Service sends events to the clients through a RESTful POST operation. Therefore the Fishminder daemon is hosting a REST server that can accept such events and places them in a Sqlite database (the table name is “events”).

https://github.com/fishminder/fishminder

There’s another Linux ext2 file system for UEFI being worked on:

Uefi-Ext2-Reader: This is a project for System Software subject for my study in Gdansk University of Technology. UEFI supports only Windows FAT file system. I implemented a protocol that allows to read files from Linux Ext2 partition in UEFI. I used VisualUEFI (https://github.com/ionescu007/VisualUefi.git) for compiling process.

https://github.com/RutEK46/Uefi-Ext2-Reader

Nate DeSimone announced the availability of the FSP 2.1 spec.

We are pleased to announce that the FSP External Architecture Specification v2.1 has been posted to https://www.intel.com/fsp!

AmberLakeFspBinPkg has been released on https://github.com/IntelFsp/FSP, which provides the first implementation of FSP 2.1. This FSP is backward compatible with Kaby Lake, so there should be a good amount of existing hardware available for those who are interested in trying FSP 2.1. Looking forward, our upcoming Ice Lake and Comet Lake platforms will have FSP 2.1 binaries once they are released.

MinPlatform and FSP 2.1 provide a complete and native UEFI firmware implementation and together they are Intel’s preferred method of implementing open source UEFI firmware today. We will be pushing patches to the mailing list that add FSP 2.1 dispatch mode support to KabyLakeOpenBoardPkg in edk2-platforms soon!

For more info, see the full post on the edk2.groups.io mailing list archives.

https://edk2.groups.io/g/announce/message/18

Re: https://firmwaresecurity.com/2017/11/21/new-acpi-ids-for-november-nexstgo-and-insyde/ and https://firmwaresecurity.com/2017/05/31/new-acpi-registry-updates-for-2017/

Here are the new ACPI entries for 2019 (so far):
1) Amazon Corporation, AMZN, 02/06/2019, https://www.amazon.com/
2) ASEM S.p.A., ASEM, 04/29/2019, http://www.asem.it/
3) Guizhou Huaxintong Semiconductor Technology Co., Ltd, HXTS, 01/18/2019, http://www.hxt-semitech.com/

New ACPI entries for 2018:
1) Ampere Computing, AMPC, 03/29/2018, https://amperecomputing.com/
2) COMHEAR, INC., CMHR, 08/02/2018, https://www.comhear.com/
3) DMIST RESEARCH LTD, DMST, 07/09/2018, http://www.dmist.com/
4) G2touch Co., LTD, GTCH, 12/04/2018, http://www.g2touch.co.kr/
5) IDEMIA, IDEM, 06/26/2018, https://www.idemia.com/
6) Sensel, Inc., SNSL, 08/20/2018, https://sensel.com/
7) Vishay Intertechnology, Inc., VSHY, 07/09/2018, https://www.vishay.com/

More info:
https://uefi.org/acpi_id_list
https://uefi.org/acpi
https://uefi.org/PNP_ACPI_Registry
https://uefi.org/uefi-acpi-export

By Minh Tran | May 14, 2019

A FortiGuard Labs How-To Guide for Cybersecurity Threat Researchers

Unified Extensible Firmware Interface (UEFI) is a specification that defines an interface between platform firmware and an OS. In a nutshell, UEFI replaces the BIOS in previous systems. Since UEFI is required for Secure Boot (ever since the Windows 8 operating system released in 2012), virtually all modern PCs come with UEFI firmware. Naturally, with the growing popularity of UEFI systems, and the fact that UEFI firmwares have even higher privilege than the OS/ hypervisor, adversaries are starting to focus on exploiting this new attack surface. This is evidenced by the UEFI rootkit found recently from the Sednit group.Consequently, there is a pressing need for security researchers to be able to handle this novel threat. In this blog post, we will show you how.

https://www.fortinet.com/blog/threat-research/how-to-cost-effectively-dynamically-analyze-uefi-malware.html

Busy day for news…

Verify whether your system is vulnerable to the new MDS CPU attacks with these tools from the RIDL team!

Windows: https://t.co/CSDJA8zn02
Linux: https://t.co/AyOk56Oz5A
GitHub: https://t.co/wYQojHJami

— Ian Coldwater 📦💥 (@IanColdwater) May 14, 2019

I don’t think this is a regular Tuesday: CVE-2018-12126 MSBDS, CVE-2018-12127 MLPDS, CVE-2018-12130 ZombieLoad, CVE-2019-11091 MDSUM, CVE-2018-0708 RDP, CVE-2019-3568 WhatsApp, CVE-2019-8605 iOS, CVE-2019-1649 Cisco

— Adrian Rueegsegger (@Kensan42) May 14, 2019

So many independently reported the new Intel issues! (those I found on Twitter: @lavados @misc0110 @mlqxyz @danielmgmi @jovanbulck @themadstephan @noopwafel @sirmc @pit_frg @gimaisura @kavehrazavi @herbertbos @c_giuffrida @bsdaemon @epakskape @yuvalyarom) https://t.co/VGIgZ27FYY

— Adrian Rueegsegger (@Kensan42) May 14, 2019

https://twitter.com/kennwhite/status/1128363475925909504

Something we've been working for past year.
We named them uArch Data sampling.
Zombie load attack is also good name.
Here is s/w guidance – https://t.co/LnpRfl7vsS
Here is a deep dive – https://t.co/6LJy4ke74a

— debug (@0xdbug) May 14, 2019

https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-microarchitectural-data-sampling

https://mdsattacks.com/

https://cpu.fail/

https://zombieloadattack.com/

The MDS stuff will get all the press, but there are UEFI, ME, AMT and other advisories…

INTEL-SA-00252
Intel® Driver & Support Assistant Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html

INTEL-SA-00251
Intel® NUC Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html

INTEL-SA-00249
Intel® i915 Graphics for Linux Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html

INTEL-SA-00245
Intel Unite® Client for Android* Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html

INTEL-SA-00244
Intel® Quartus® Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html

INTEL-SA-00234
Intel® SCS Discovery Utility and Intel® ACU Wizard Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html

INTEL-SA-00233
Microarchitectural Data Sampling Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html

INTEL-SA-00228
Intel Unite® Client Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html

INTEL-SA-00223
2019.1 QSR UEFI Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html

INTEL-SA-00218
Intel® Graphics Driver for Windows* 2019.1 QSR Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html

INTEL-SA-00213
Intel® CSME, Intel® SPS, Intel® TXE, Intel® DAL, and Intel® AMT 2019.1 QSR Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html

EFITools for CentOS

EFI Tools is a set of applications to manage UEFI Secure Boot under Linux.

https://github.com/freshautomations/efitools-centos

REMINDER: All #HITB2019AMS presentation materials are here: https://t.co/2281py1qzo (Please RT)

— HITBSecConf (@HITBSecConf) May 9, 2019

Don't forget! All conference slides and materials are available online at https://t.co/2281py1qzo

Recordings will be available in the upcoming weeks so keep an eye on Twitter for updates! #HITB2019AMS

— HITBSecConf (@HITBSecConf) May 10, 2019

The first post of a series about developing #BareMetal hypervisors is here! It introduces to #Intel's #VMX technology, describes interactions between a #virtualmachine and a #hypervisor as well as gives some insight on the control structures required. https://t.co/NVaIeZxFhZ pic.twitter.com/K99NBCrCY6

— 3mdeb (@3mdeb_com) May 10, 2019

This is the first post of a series about developing type-1 hypervisors, also known as native or bare-metal hypervisors. It introduces to Intel’s VMX technology, describes interactions between a virtual machine and a hypervisor as well as gives some insight on the control structures required. This post should give some theoretical knowledge base required for the next ones, in which we will implement a basic hypervisor using Bareflank. It assumes that you have some knowledge about IA-32 architecture. There will be more than 5 terms actually, but the most important are those in headers. The following posts will assume that the reader knows what they are for and what is their scope.

https://blog.3mdeb.com/2019/2019-04-30-5-terms-every-hypervisor-developer-should-know/

DMTF has a new Redfish tool on their Github site, Redfish-TackleBox.

Redfish Tacklebox contains a set of Python utilities to perform common management operations with a Redfish service. The utilities can be used as part of larger management applications, or be used as standalone command line tools.

https://github.com/DMTF/Redfish-Tacklebox

Here's a write up of some of the system hardening changes in Android Q. A lot of teams and people contributed to this. It's always cool to see it all listed together. https://t.co/LNVKyoRNsT

— Jeff Vander Stoep (@jeffvanderstoep) May 9, 2019

A KVM firmware in Rust, by Intel https://t.co/EBZoYlFOSr

— Frank ⚡ (@jedisct1) May 10, 2019

Linux-SecureBoot-Kit: Tool for complete hardening of Linux boot chain with UEFI Secure Boot

https://github.com/Snawoot/linux-secureboot-kit

Image manipulation tools for the Management Engine firmware https://t.co/Anq6yponAk #intelme #firmware

— Hardened-GNU/Linux (@hardenedlinux) May 10, 2019

I notice a new UEFI video on Youtube, from Def-Logix, showcasing some upcoming product of theirs, which appears to be funded by some SBIR grant

https://www.def-logix.com/shimmix/

https://www.sbir.gov/sbc/def-logix

Spoiler alert: patent involved. If you’re an engineer at a big company that discourages engineers from viewing patents of other companies, do not look at this:

https://patents.google.com/patent/US20150019850

DMTF Releases Security Protocol and Data Model (SPDM) Architecture as Work in Progress. Learn more: https://t.co/7Ipnp0AZDR

— DMTF (@DMTF) May 9, 2019

OpenVisla was invented 10 years ago, created almost 6 years ago and to be fair, it was very unlucky. Many people have forgotten about it, but it still can be very useful. It has a lot of potential for being used in security development. We are going to continue our research and maybe, maybe in some time, we will show what this small and relatively cheap board is capable of.

#OpenVizsla is a tool for developers working with USB and especially those who are using #USB in #embedded designs. We have tested its possible use cases and see that it has a lot of potential for further development. Read more on our #blog.
https://t.co/lXFmvVNo0k pic.twitter.com/YEC6RxXAVG

— 3mdeb (@3mdeb_com) May 8, 2019