Monta Elkins
@montaelkins.bsky.social
Hardware Hacker
SANS Principal Instructor
Training Course Author "Hardware Hacking Essentials"
SANS Principal Instructor
Training Course Author "Hardware Hacking Essentials"
I hear there's a really good talk happening Tuesday night, live and online. :)
#HardwareHacking.
Sign up here:
www.sans.org/orlando-fall...
#HardwareHacking.
Sign up here:
www.sans.org/orlando-fall...
www.sans.org
October 27, 2025 at 10:01 PM
I hear there's a really good talk happening Tuesday night, live and online. :)
#HardwareHacking.
Sign up here:
www.sans.org/orlando-fall...
#HardwareHacking.
Sign up here:
www.sans.org/orlando-fall...
Hardware hacking always wins.
Hacking a casino card shuffling machine.
#HardwareHacking
www.wired.com/story/how-ha...
Hacking a casino card shuffling machine.
#HardwareHacking
www.wired.com/story/how-ha...
How Hacked Card Shufflers Allegedly Enabled a Mob-Fueled Poker Scam That Rocked the NBA
WIRED recently demonstrated how to cheat at poker by hacking the Deckmate 2 card shufflers used in casinos. The mob was allegedly using the same trick to fleece victims for millions.
www.wired.com
October 25, 2025 at 1:07 AM
Hardware hacking always wins.
Hacking a casino card shuffling machine.
#HardwareHacking
www.wired.com/story/how-ha...
Hacking a casino card shuffling machine.
#HardwareHacking
www.wired.com/story/how-ha...
:0
Jaguar Land Rover cyberattack cost $2.5 billion, says monitoring group therecord.media/jaguar-land-...
Jaguar Land Rover cyberattack cost $2.5 billion, says monitoring group
The nonprofit Cyber Monitoring Centre says the cyberattack on Jaguar Land Rover is “the most economically damaging cyber event” to ever impact the United Kingdom.
therecord.media
October 23, 2025 at 11:57 AM
:0
If you've been in my classes, we've talked about this.
--
Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica share.google/61TQ9VlXy6iJ...
--
Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica share.google/61TQ9VlXy6iJ...
Cache poisoning vulnerabilities found in 2 DNS resolving apps
At least one CVE could weaken defenses put in place following 2008 disclosure.
share.google
October 23, 2025 at 11:56 AM
If you've been in my classes, we've talked about this.
--
Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica share.google/61TQ9VlXy6iJ...
--
Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica share.google/61TQ9VlXy6iJ...
Electric sector critical infrastructure protection audit issues in 2025.
--
FERC 2025 CIP Audit Findings: AMPYX CYBER share.google/WY1HSRXdnBcP...
@ampyxcyber.com
--
FERC 2025 CIP Audit Findings: AMPYX CYBER share.google/WY1HSRXdnBcP...
@ampyxcyber.com
FERC 2025 CIP Audit Findings: DER Impact Ratings, Vendor Oversight Gaps, and Cloud Compliance Risk — AMPYX CYBER
FERC’s latest CIP audit lessons for 2025 highlight three rising compliance risks. Entities are undercounting DERs in GOP control center impact ratings, outsourcing compliance work without adequate ove...
share.google
October 23, 2025 at 11:52 AM
Electric sector critical infrastructure protection audit issues in 2025.
--
FERC 2025 CIP Audit Findings: AMPYX CYBER share.google/WY1HSRXdnBcP...
@ampyxcyber.com
--
FERC 2025 CIP Audit Findings: AMPYX CYBER share.google/WY1HSRXdnBcP...
@ampyxcyber.com
Repeat after me: switches are computers running software that may be vulnerable.
If you've ever been in one of my classes you already know this.
#HardwareHacking
Cisco Warns of Actively Exploited SNMP Vuln Allowing RCE or DoS in IOS Software
share.google/W7KPY69grqZ1...
If you've ever been in one of my classes you already know this.
#HardwareHacking
Cisco Warns of Actively Exploited SNMP Vuln Allowing RCE or DoS in IOS Software
share.google/W7KPY69grqZ1...
Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software
Cisco fixes CVE-2025-20352 SNMP flaw exploited in the wild, risking remote code execution or DoS.
share.google
October 17, 2025 at 12:18 AM
Repeat after me: switches are computers running software that may be vulnerable.
If you've ever been in one of my classes you already know this.
#HardwareHacking
Cisco Warns of Actively Exploited SNMP Vuln Allowing RCE or DoS in IOS Software
share.google/W7KPY69grqZ1...
If you've ever been in one of my classes you already know this.
#HardwareHacking
Cisco Warns of Actively Exploited SNMP Vuln Allowing RCE or DoS in IOS Software
share.google/W7KPY69grqZ1...
Come join me at SANS Cyber Defense Initiative in Washington DC and learn about security controls for critical infrastructure.
We'll have a blast!
We'll have a blast!
October 10, 2025 at 10:19 AM
Come join me at SANS Cyber Defense Initiative in Washington DC and learn about security controls for critical infrastructure.
We'll have a blast!
We'll have a blast!
My UV glasses to harden my clear fingernail polish w/ UV light. The polish insulates and tacks down the small wires I soldered.
RP2040 with a 1.28" color LCD display.
No good place to grab 3.3V volts except directly on the voltage regulator output pin. :(
#HardwareHacking
RP2040 with a 1.28" color LCD display.
No good place to grab 3.3V volts except directly on the voltage regulator output pin. :(
#HardwareHacking
October 8, 2025 at 12:13 AM
My UV glasses to harden my clear fingernail polish w/ UV light. The polish insulates and tacks down the small wires I soldered.
RP2040 with a 1.28" color LCD display.
No good place to grab 3.3V volts except directly on the voltage regulator output pin. :(
#HardwareHacking
RP2040 with a 1.28" color LCD display.
No good place to grab 3.3V volts except directly on the voltage regulator output pin. :(
#HardwareHacking
Power failure:
If you don't work in critcal infrstructure you may not know that most large generators require power from the electric grid to start. Learn which power sources can "blackstart" if the grid is down.
youtu.be/22T9-oknmLM?...
If you don't work in critcal infrstructure you may not know that most large generators require power from the electric grid to start. Learn which power sources can "blackstart" if the grid is down.
youtu.be/22T9-oknmLM?...
How to Restart the Grid after total collapse
YouTube video by The Electric Brit
youtu.be
October 7, 2025 at 9:51 PM
Power failure:
If you don't work in critcal infrstructure you may not know that most large generators require power from the electric grid to start. Learn which power sources can "blackstart" if the grid is down.
youtu.be/22T9-oknmLM?...
If you don't work in critcal infrstructure you may not know that most large generators require power from the electric grid to start. Learn which power sources can "blackstart" if the grid is down.
youtu.be/22T9-oknmLM?...
New #HardwareHacking technique shows high performance mice can be used as microphones.
---
Mic-E-Mouse technique harnesses mouse sensors, converts acoustic vibrations into speech | Tom's Hardware share.google/6bnLg3D3xlAv...
---
Mic-E-Mouse technique harnesses mouse sensors, converts acoustic vibrations into speech | Tom's Hardware share.google/6bnLg3D3xlAv...
High-performance mice can be used as a microphone to spy on users thanks to AI — Mic-E-Mouse technique harnesses mouse sensors, converts acoustic vibrations into speech
This mouse has ears.
share.google
October 4, 2025 at 12:41 AM
New #HardwareHacking technique shows high performance mice can be used as microphones.
---
Mic-E-Mouse technique harnesses mouse sensors, converts acoustic vibrations into speech | Tom's Hardware share.google/6bnLg3D3xlAv...
---
Mic-E-Mouse technique harnesses mouse sensors, converts acoustic vibrations into speech | Tom's Hardware share.google/6bnLg3D3xlAv...
Timing side channel attack in OPENSSL
CVE-2025-9231, Moderate-severity affecting SM2 64-bit ARM. A timing side-channel that could allow recovery of private keys through precise timing measurements. Remote exploitation remains theoretical but possible
securityaffairs.com/182845/secur...
CVE-2025-9231, Moderate-severity affecting SM2 64-bit ARM. A timing side-channel that could allow recovery of private keys through precise timing measurements. Remote exploitation remains theoretical but possible
securityaffairs.com/182845/secur...
OpenSSL patches 3 vulnerabilities, urging immediate updates
OpenSSL updates addressed 3 flaws enabling key recovery, code execution, and DoS attacks. Users are urged to update asap.
securityaffairs.com
October 2, 2025 at 12:53 PM
Timing side channel attack in OPENSSL
CVE-2025-9231, Moderate-severity affecting SM2 64-bit ARM. A timing side-channel that could allow recovery of private keys through precise timing measurements. Remote exploitation remains theoretical but possible
securityaffairs.com/182845/secur...
CVE-2025-9231, Moderate-severity affecting SM2 64-bit ARM. A timing side-channel that could allow recovery of private keys through precise timing measurements. Remote exploitation remains theoretical but possible
securityaffairs.com/182845/secur...
Intel and AMD agree, in cybersecurity #HardwareHacking always wins.
------
Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks - Ars Technica share.google/8iN6bXswxIp1...
------
Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks - Ars Technica share.google/8iN6bXswxIp1...
Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks
The chipmakers say physical attacks aren’t in the threat model. Many users didn’t get the memo.
share.google
October 2, 2025 at 12:18 AM
Intel and AMD agree, in cybersecurity #HardwareHacking always wins.
------
Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks - Ars Technica share.google/8iN6bXswxIp1...
------
Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks - Ars Technica share.google/8iN6bXswxIp1...
"This security issue could allow potential attackers to gain complete and persistent control of both the BMC system and the main server OS,"
New Supermicro BMC flaws can create persistent backdoors
#HardwareHacking
share.google/xrqGNVc2W5S9...
New Supermicro BMC flaws can create persistent backdoors
#HardwareHacking
share.google/xrqGNVc2W5S9...
New Supermicro BMC flaws can create persistent backdoors
Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images.
share.google
September 26, 2025 at 1:37 AM
"This security issue could allow potential attackers to gain complete and persistent control of both the BMC system and the main server OS,"
New Supermicro BMC flaws can create persistent backdoors
#HardwareHacking
share.google/xrqGNVc2W5S9...
New Supermicro BMC flaws can create persistent backdoors
#HardwareHacking
share.google/xrqGNVc2W5S9...
I be hopin’ all ye scallywags enjoyed Talk Like a Pirate Day, one o’ me most beloved holidays.
Fear not, fer next year the dread pirate Roberts may once again, set sail across the cyber-seas, an’ school the landlubbers in the art o’ industrial cybersecurity!
Yaarrrr!
Fear not, fer next year the dread pirate Roberts may once again, set sail across the cyber-seas, an’ school the landlubbers in the art o’ industrial cybersecurity!
Yaarrrr!
September 20, 2025 at 1:25 AM
I be hopin’ all ye scallywags enjoyed Talk Like a Pirate Day, one o’ me most beloved holidays.
Fear not, fer next year the dread pirate Roberts may once again, set sail across the cyber-seas, an’ school the landlubbers in the art o’ industrial cybersecurity!
Yaarrrr!
Fear not, fer next year the dread pirate Roberts may once again, set sail across the cyber-seas, an’ school the landlubbers in the art o’ industrial cybersecurity!
Yaarrrr!
Hardware hacking warnings
Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters
share.google/kXscXIl4eGqV...
Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters
share.google/kXscXIl4eGqV...
Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure
U.S. officials say solar-powered highway infrastructure including chargers, roadside weather stations, and traffic cameras should be scanned for the presence of rogue devices – such as hidden radios – secreted inside batteries and inverters.
share.google
September 13, 2025 at 11:22 AM
Hardware hacking warnings
Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters
share.google/kXscXIl4eGqV...
Exclusive: US warns hidden radios may be embedded in solar-powered highway infrastructure | Reuters
share.google/kXscXIl4eGqV...
‘Unrestrained’ Chinese Cyberattackers May Have Stolen Data From Almost Every American - The New York Times share.google/K23WgUmY7smX...
‘Unrestrained’ Chinese Cyberattackers May Have Stolen Data From Almost Every American
Information collected during the yearslong Salt Typhoon attack could allow Beijing’s intelligence services to track targets from the United States and dozens of other countries.
share.google
September 5, 2025 at 12:34 AM
‘Unrestrained’ Chinese Cyberattackers May Have Stolen Data From Almost Every American - The New York Times share.google/K23WgUmY7smX...
Supply Chain Chipping Attacks: When Should I Worry?
YouTube video by S4 Events
youtu.be
August 19, 2025 at 8:14 PM
Industrial control system hacking
#ICShacking
Pro-Russian hackers blamed for water dam sabotage in Norway share.google/PC8tl4Zk9L7V...
#ICShacking
Pro-Russian hackers blamed for water dam sabotage in Norway share.google/PC8tl4Zk9L7V...
Pro-Russian hackers blamed for water dam sabotage in Norway
The Norwegian Police Security Service (PST) says that pro-Russian hackers took control of critical operation systems at a dam and opened outflow valves.
share.google
August 14, 2025 at 8:26 PM
Industrial control system hacking
#ICShacking
Pro-Russian hackers blamed for water dam sabotage in Norway share.google/PC8tl4Zk9L7V...
#ICShacking
Pro-Russian hackers blamed for water dam sabotage in Norway share.google/PC8tl4Zk9L7V...
An attacker with physical access to a user's laptop can pry it open and directly access the USH board over USB bypassing Windows login security.
#HardwareHacking
www.bleepingcomputer.com/news/securit...
#HardwareHacking
www.bleepingcomputer.com/news/securit...
ReVault flaws let hackers bypass Windows login on Dell laptops
ControlVault3 firmware vulnerabilities impacting over 100 Dell laptop models can allow attackers to bypass Windows login and install malware that persists across system reinstalls.
www.bleepingcomputer.com
August 7, 2025 at 1:53 PM
An attacker with physical access to a user's laptop can pry it open and directly access the USH board over USB bypassing Windows login security.
#HardwareHacking
www.bleepingcomputer.com/news/securit...
#HardwareHacking
www.bleepingcomputer.com/news/securit...
"Technical Challenges include firmware vulnerabilities. Ensuring the integrity and secure update of inverter based generation firmware, which could lead to grid instability if compromised."
-Ingrid Rayo
Innovative Resiliency
#NewNERCrequirements
#HardwareHacking
#EnergySec
-Ingrid Rayo
Innovative Resiliency
#NewNERCrequirements
#HardwareHacking
#EnergySec
July 28, 2025 at 4:21 PM
"Technical Challenges include firmware vulnerabilities. Ensuring the integrity and secure update of inverter based generation firmware, which could lead to grid instability if compromised."
-Ingrid Rayo
Innovative Resiliency
#NewNERCrequirements
#HardwareHacking
#EnergySec
-Ingrid Rayo
Innovative Resiliency
#NewNERCrequirements
#HardwareHacking
#EnergySec
Presenting at an Energy Security conference this week in Disneyland Anaheim CA. :)
#WorkingRemote
#ImaLuckyGuy
#EnergySec
#WorkingRemote
#ImaLuckyGuy
#EnergySec
July 27, 2025 at 7:19 PM
Presenting at an Energy Security conference this week in Disneyland Anaheim CA. :)
#WorkingRemote
#ImaLuckyGuy
#EnergySec
#WorkingRemote
#ImaLuckyGuy
#EnergySec
We learned a lot and had fun doing it in the SCADA security class in Washington D.C. So much so the class wanted a picture.
It was really nice teaching such an engaged group.
#ICSsecurity
It was really nice teaching such an engaged group.
#ICSsecurity
July 25, 2025 at 9:33 PM
We learned a lot and had fun doing it in the SCADA security class in Washington D.C. So much so the class wanted a picture.
It was really nice teaching such an engaged group.
#ICSsecurity
It was really nice teaching such an engaged group.
#ICSsecurity