Xeno Kovah
@xenokovah.bsky.social
Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://ost2.fyi
Someday I will go back and find out if my logic capabilities have improved yet or not (but I suspect not.) So I’ve always been keenly aware of how easy it is to spoof logic with just memorization…
November 11, 2025 at 11:31 AM
Someday I will go back and find out if my logic capabilities have improved yet or not (but I suspect not.) So I’ve always been keenly aware of how easy it is to spoof logic with just memorization…
This is it for now, but make sure to check out the other talks on the timeline, and LMK if there’s stuff missing (there most likely will be due to my long time between updates)
November 10, 2025 at 11:28 AM
This is it for now, but make sure to check out the other talks on the timeline, and LMK if there’s stuff missing (there most likely will be due to my long time between updates)
A misc observation: Beyond the recent 3x “we can interpose on RAM and break confidential compute TEEs” (Wiretap, BatteringRAM, and TEE.fail), I also noticed a pattern of researchers finding more signed UEFI shell problems (so I added a new tag for it)
November 10, 2025 at 11:28 AM
A misc observation: Beyond the recent 3x “we can interpose on RAM and break confidential compute TEEs” (Wiretap, BatteringRAM, and TEE.fail), I also noticed a pattern of researchers finding more signed UEFI shell problems (so I added a new tag for it)
2025-10-29
"TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition"
By Jalen Chuang et al.
Added at darkmentor.com/timeline.htm...
"TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition"
By Jalen Chuang et al.
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-10-29
"TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition"
By Jalen Chuang et al.
Added at darkmentor.com/timeline.htm...
"TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition"
By Jalen Chuang et al.
Added at darkmentor.com/timeline.htm...
2025-10-17
"Missing Mitigations: Inside The Security Gap in UEFI Firmware"
By Binarly
Added at darkmentor.com/timeline.htm...
"Missing Mitigations: Inside The Security Gap in UEFI Firmware"
By Binarly
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-10-17
"Missing Mitigations: Inside The Security Gap in UEFI Firmware"
By Binarly
Added at darkmentor.com/timeline.htm...
"Missing Mitigations: Inside The Security Gap in UEFI Firmware"
By Binarly
Added at darkmentor.com/timeline.htm...
2025-10-14
"BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices"
By Paul Asadoorian
Added at darkmentor.com/timeline.htm...
"BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices"
By Paul Asadoorian
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-10-14
"BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices"
By Paul Asadoorian
Added at darkmentor.com/timeline.htm...
"BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices"
By Paul Asadoorian
Added at darkmentor.com/timeline.htm...
2025-10-01
"WireTap: Breaking Server SGX via DRAM Bus Interposition"
By Alex Seto et al.
Added at darkmentor.com/timeline.htm...
"WireTap: Breaking Server SGX via DRAM Bus Interposition"
By Alex Seto et al.
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-10-01
"WireTap: Breaking Server SGX via DRAM Bus Interposition"
By Alex Seto et al.
Added at darkmentor.com/timeline.htm...
"WireTap: Breaking Server SGX via DRAM Bus Interposition"
By Alex Seto et al.
Added at darkmentor.com/timeline.htm...
2025-09-30
"Battering RAM: Low-Cost Interposer Attacks on Confidential Computing"
By Jesse De Meulemeester et al.
Added at darkmentor.com/timeline.htm...
"Battering RAM: Low-Cost Interposer Attacks on Confidential Computing"
By Jesse De Meulemeester et al.
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-09-30
"Battering RAM: Low-Cost Interposer Attacks on Confidential Computing"
By Jesse De Meulemeester et al.
Added at darkmentor.com/timeline.htm...
"Battering RAM: Low-Cost Interposer Attacks on Confidential Computing"
By Jesse De Meulemeester et al.
Added at darkmentor.com/timeline.htm...
2025-09-24
"Broken Trust: Fixed Supermicro BMC Bug Gains a New Life in Two New Vulnerabilities"
By Anton Ivanov
Added at darkmentor.com/timeline.htm...
"Broken Trust: Fixed Supermicro BMC Bug Gains a New Life in Two New Vulnerabilities"
By Anton Ivanov
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-09-24
"Broken Trust: Fixed Supermicro BMC Bug Gains a New Life in Two New Vulnerabilities"
By Anton Ivanov
Added at darkmentor.com/timeline.htm...
"Broken Trust: Fixed Supermicro BMC Bug Gains a New Life in Two New Vulnerabilities"
By Anton Ivanov
Added at darkmentor.com/timeline.htm...
2025-09-12
"Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass"
By Martin Smolar
Added at darkmentor.com/timeline.htm...
"Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass"
By Martin Smolar
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-09-12
"Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass"
By Martin Smolar
Added at darkmentor.com/timeline.htm...
"Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass"
By Martin Smolar
Added at darkmentor.com/timeline.htm...
2025-09-10
"Signed and Dangerous: BYOVD Attacks on Secure Boot"
By Fabio Pagani & Yegor Vasilenko
Added at darkmentor.com/timeline.htm...
"Signed and Dangerous: BYOVD Attacks on Secure Boot"
By Fabio Pagani & Yegor Vasilenko
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-09-10
"Signed and Dangerous: BYOVD Attacks on Secure Boot"
By Fabio Pagani & Yegor Vasilenko
Added at darkmentor.com/timeline.htm...
"Signed and Dangerous: BYOVD Attacks on Secure Boot"
By Fabio Pagani & Yegor Vasilenko
Added at darkmentor.com/timeline.htm...
2025-08-20
"Why'd You Only Call Me When You're in SMM? Exploiting UEFI SMM Vulnerabilities for Persistent Firmware Implants"
By Nika Korchok Wakulich
Added at darkmentor.com/timeline.htm...
"Why'd You Only Call Me When You're in SMM? Exploiting UEFI SMM Vulnerabilities for Persistent Firmware Implants"
By Nika Korchok Wakulich
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-08-20
"Why'd You Only Call Me When You're in SMM? Exploiting UEFI SMM Vulnerabilities for Persistent Firmware Implants"
By Nika Korchok Wakulich
Added at darkmentor.com/timeline.htm...
"Why'd You Only Call Me When You're in SMM? Exploiting UEFI SMM Vulnerabilities for Persistent Firmware Implants"
By Nika Korchok Wakulich
Added at darkmentor.com/timeline.htm...
2025-08-15
"GPUHammer: Rowhammer Attacks on GPU Memories are Practical"
By Chris (Shaopeng) Lin et al.
Added at darkmentor.com/timeline.htm...
"GPUHammer: Rowhammer Attacks on GPU Memories are Practical"
By Chris (Shaopeng) Lin et al.
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-08-15
"GPUHammer: Rowhammer Attacks on GPU Memories are Practical"
By Chris (Shaopeng) Lin et al.
Added at darkmentor.com/timeline.htm...
"GPUHammer: Rowhammer Attacks on GPU Memories are Practical"
By Chris (Shaopeng) Lin et al.
Added at darkmentor.com/timeline.htm...
2025-08-09
"Direct Memory, Access Everywhere"
By Joe FitzPatrick & Grace Parrish
Added at darkmentor.com/timeline.htm...
"Direct Memory, Access Everywhere"
By Joe FitzPatrick & Grace Parrish
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-08-09
"Direct Memory, Access Everywhere"
By Joe FitzPatrick & Grace Parrish
Added at darkmentor.com/timeline.htm...
"Direct Memory, Access Everywhere"
By Joe FitzPatrick & Grace Parrish
Added at darkmentor.com/timeline.htm...
2025-08-08
"Infecting the Boot to Own the Kernel"
By Alejandro Vazquez & Maria San Jose
Added at: darkmentor.com/timeline.htm...
"Infecting the Boot to Own the Kernel"
By Alejandro Vazquez & Maria San Jose
Added at: darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-08-08
"Infecting the Boot to Own the Kernel"
By Alejandro Vazquez & Maria San Jose
Added at: darkmentor.com/timeline.htm...
"Infecting the Boot to Own the Kernel"
By Alejandro Vazquez & Maria San Jose
Added at: darkmentor.com/timeline.htm...
2025-08-06
"Booting into Breaches: Hunting Windows SecureBoot's Remote Attack Surfaces"
By Jietao Yang
Added at darkmentor.com/timeline.htm...
"Booting into Breaches: Hunting Windows SecureBoot's Remote Attack Surfaces"
By Jietao Yang
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-08-06
"Booting into Breaches: Hunting Windows SecureBoot's Remote Attack Surfaces"
By Jietao Yang
Added at darkmentor.com/timeline.htm...
"Booting into Breaches: Hunting Windows SecureBoot's Remote Attack Surfaces"
By Jietao Yang
Added at darkmentor.com/timeline.htm...
2025-08-06
"Shade BIOS: Unleashing the Full Stealth of UEFI Malware"
By Kazuki Matsuo
Added at darkmentor.com/timeline.htm...
"Shade BIOS: Unleashing the Full Stealth of UEFI Malware"
By Kazuki Matsuo
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-08-06
"Shade BIOS: Unleashing the Full Stealth of UEFI Malware"
By Kazuki Matsuo
Added at darkmentor.com/timeline.htm...
"Shade BIOS: Unleashing the Full Stealth of UEFI Malware"
By Kazuki Matsuo
Added at darkmentor.com/timeline.htm...
2025-08-06
"BitUnlocker: Leveraging Windows Recovery to Extract BitLocker Secrets"
By Alon Leviev et al.
Added at darkmentor.com/timeline.htm...
"BitUnlocker: Leveraging Windows Recovery to Extract BitLocker Secrets"
By Alon Leviev et al.
Added at darkmentor.com/timeline.htm...
Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC
darkmentor.com
November 10, 2025 at 11:28 AM
2025-08-06
"BitUnlocker: Leveraging Windows Recovery to Extract BitLocker Secrets"
By Alon Leviev et al.
Added at darkmentor.com/timeline.htm...
"BitUnlocker: Leveraging Windows Recovery to Extract BitLocker Secrets"
By Alon Leviev et al.
Added at darkmentor.com/timeline.htm...