https://blog.eclypsium.com/2018/09/05/eclypsium-beta-now-available/
Author: hucktech
Eclypsium research on SuperMicro BMC/Redfish vulnerability
Ulf on Total Meltdown at SEC-T
If you aren’t in Sweden, it appears there may be live streaming of the presentation! There are multiple other firmware presentations as well!
https://www.sec-t.org/schedule/
Hypervisor From Scratch – Part 2: Entering VMX Operation
The second part of this tutorial series has been publsihed.
UEFI Firmware Parser updated
Teddy Reed has updated his UEFI Firmware Parser project. The first update this year!
BIOSUtilities: Various BIOS Utilities for Modding/Research
Howard Oakley on Booting the Mac
Howard Oakley has yet another new blog post on how Apple EFI works:
Booting the Mac: Will my Mac boot from this disk? A visual guide
There have been multiple recent blog posts on Apple EFI from this author! Eg:
ProxyLoaderPkg: UEFI loader protocol proxy
This UEFI application calls an entry point provided by a proxy loader protocol installed on the image handle.
Ph0wn: a Capture The Flag (CTF) dedicated to smart devices
Kees Cook: Making C Less Dangerous [for the Linux kernel]
Facebook releases Bowler, Python refactoring tool
ZeroNights CFP open
HITB-GSEC presentations online
HITB-GSEC is happening, slides are uploaded in near real-time, day 1 presentations are up:
https://twitter.com/HITBGSEC/status/1034984965308440576
Genode 18.08 released
The latest release of the Genode OS has changes to microcode updates, as well as other firmware-related interface changes.
https://genode.org/documentation/release-notes/18.08#New_Intel_Microcode_update_mechanism
DarkRISCV, an open source RISC-V core for FPGAs
Booting the Mac: bless, and what makes a volume bootable
The last piece in the puzzle that is the booting of a Mac is understanding how any given volume is made bootable, and how it can be made the next startup volume.[…]
c-efi – UEFI Reference Specification Protocol Constants and Definitions
The c-efi project provides the protocol constants and definitions of the UEFI Reference Specification as native C11 code. The scope of this project is limited to those protocol definitions. The protocols are not actually implemented. As such, this project serves as base for any UEFI application that needs to interact with UEFI, or implement (parts of) the UEFI specification. Additionally to providing a C library, this project also serves as documentation base for UEFI programming in C. It provides target-triples for UEFI, bootstrap helpers, and a bunch of documentation how to get started.
https://github.com/c-util/c-efi
Heardwear.io 2018 schedule posted
Multiple sources of firmware security training!
AArch64-UEFI-LLVM-HelloWorld: uses GNU-EFI and CLang on ARM
https://github.com/tnishinaga/aarch64-uefi-llvm_helloworld
UEFI HelloWorld application with clang + lld + gnu-efi(header only)
This is a nonstandard build environment for UEFI, using GNU-EFI with clang (not efi-clang) on ARM not Intel. Last time I looked, GNU-EFI was Intel-centric and GCC-centric, so this is impressive.
Tianocore UEFI hackathon
https://github.com/tianocore/tianocore.github.io/wiki/2018-EDK-II-Capsule-Hack-a-thon
“This is the first time Intel has staged a public TianoCore hack-a-thon event.”
Firmware Security 
You must be logged in to post a comment.