Learn

The all-new Binarly Transparency Platform v2.8 represents a pivotal leap forward in our engineering and product development processes as we shift to a more agile, monthly release cadence. This latest release introduces advanced image diffing, refined role-based access control (RBAC), and enhanced vulnerability detection capabilities, marking a significant step forward in the cybersecurity landscape.

In this blog post, the Binarly REsearch team introduces a novel methodology for detecting UEFI bootkits by analyzing their unique code behaviors. By starting from an in-depth analysis of known bootkits, we identify features that can be used for generically detecting bootkits and build rules that we used for hunting new unknown bootkits. Then, we show how these rules can be even further improved, by leveraging advanced static analysis techniques, semantic detection and ML-based clustering.

Microcode has always been a crucial component in platform security for the x86 ecosystem. Any vulnerability in microcode leads to significant issues and long-standing side effects across the entire industry. Last week, we witnessed a rare instance of such a vulnerability highlighting potential gaps in AMD’s product security practices, prompting industry-wide discussion on the security implications for confidential computing.

Binarly releases Binary Risk Hunt, a free vulnerability scanner with software bill of material generator.

This vulnerability got our attention for many reasons: firstly, the vendor agreed on the critical impact; and secondly, the nature of the vulnerability where an unauthenticated user can remotely trigger the code flow with a simple post request and cause the arbitrary code execution over classical stack overflow (CWE-121).