malware&reversing

Joined June 2009
Emanuele Cozzi retweeted
13 Oct 2025
🚨 New research from EURECOM & Univ. of Milan! [1/3] “Unveiling BYOVD Threats: Malware’s Use and Abuse of Kernel Drivers” (to appear at NDSS’26) reveals how malware exploits signed drivers to gain kernel privileges. This work led to the discovery of 7 unknown weaponized drivers💣
Emanuele Cozzi retweeted
3 Sep 2024
We are very excited to share our last research work: 𝐄𝐔𝐂𝐋𝐄𝐀𝐊, authored by Thomas Roche. An electromagnetic Side-Channel Vulnerability in the ECDSA implementation of all Infineon security microcontrollers, notably impacting all YubiKey 5 Series. ninjalab.io/eucleak/
Emanuele Cozzi retweeted
In a few minutes I will present our work on Android evasive malware to @ASIACCS2024 [1]. What better occasion to reveal that DroidDungeon, the sandbox developed for this work, has evolved into a commercial product? Join the beta -> tnemesis.com/

Emanuele Cozzi retweeted
13 Jun 2024
Excited to share (albeit with a little delay) that our @binarly_io talk about #LogoFAIL at BlackHat EU is available! Check it out to see the vulnerabilities we found in UEFI image parsing and their security implications: youtube.com/watch?v=ch0t2_yj…
Emanuele Cozzi retweeted
22 Apr 2024
We are setting up a user study to measure the impact of LLMs during the Reverse Engineering process. If you have ever used LLMs for reversing, click here to start the survey (5 mins) 👉 forms.gle/tKBdNjAKE5oyPqet7 You can leave your email address for the second phase - with prizes💰
Emanuele Cozzi retweeted
The xz situation is absolutely insane and almost certainly state sponsored. This is an excellent example of a widely used software being maintained by basically one person. Read this web article and then frown and become sad. boehs.org/node/everything-i-…

Emanuele Cozzi retweeted
21 Mar 2024
🚀 BIG ANNOUNCEMENT! 🚀 The full rev.ng decompiler pipeline is now fully open source! Also, we'll soon start to invite people to participate in the UI closed beta. Check out our latest blog post: rev.ng/blog/open-sourcing-re…
Emanuele Cozzi retweeted
Fuzzing is hard, evaluating fuzzing is harder 🔥 For our new @IEEESSP paper, we studied 150 fuzzing evals and found issues such as lackluster documentation, bad experiment setups, or questionable CVEs 📄 Paper mschloegel.me/paper/schloege… 🔧 Help us fix this github.com/fuzz-evaluator/gu…
Emanuele Cozzi retweeted
I'm about 50% done integrating SAILR into angr master: github.com/angr/angr/issues/… 🎉 P.S.: You can also use angr's decompiler more easily now. Try this out:
```
pip3 install angr && \
angr decompile /bin/true --functions main
```
Emanuele Cozzi retweeted
I am pleased to announce the availability of the first malware analysis course in Italian: "Introduzione alla malware analysis: Un approccio pratico" Over 9 hours of course material: t.ly/WPhap (use this link, don't search for the course on Udemy ^^) sharing appreciated :)

Emanuele Cozzi retweeted
2024 is the year of the decompiler! Start your year off right by reading a post on the last 30 years of decompilation and one of its hardest problems: structuring! mahaloz.re/dec-history-pt1 Part 2 to be released next week.
Emanuele Cozzi retweeted
I just published the code and hardware for Tamarin-C, the iPhone 15 USB-C exploration tool I presented at #37c3. github.com/stacksmashing/tam…
Emanuele Cozzi retweeted
As WOOT becomes a more formal Conference, we want to keep receiving industry submissions! WOOT experiments with a new model: in addition to the academic submissions, there is a practitioner's track. Submit a draft early, interact with reviewers to get this written as a paper.
The USENIX WOOT '24 conference(!) draft CfP is out: usenix.org/conference/woot24…. March 12 is the ⏰ for your offensive security papers! Or think academics should know about your work, but no experience writing formal papers? Submit a draft to the new practitioner track by Feb 20!
Emanuele Cozzi retweeted
They HACKED A TRAIN. For real. Train operators asked for this to see why their trains didn't run after servicing. Turns out that vendor/producer implemented a geofence lock for trains serviced somewhere else. Amazing story, one of the best hacks in 2023. social.hackerspace.pl/@q3k/1…
Emanuele Cozzi retweeted
20 Nov 2023
Check it out, it's tmp.0ut Volume 3! tmpout.sh/3/
Emanuele Cozzi retweeted
14 Nov 2023
New write-up on an Intel Ice Lake CPU vulnerability, we can effectively corrupt the RoB with redundant prefixes! 🔥 An updated microcode is available today for all affected products, cloud providers should patch ASAP. lock.cmpxchg8b.com/reptar.ht…

Emanuele Cozzi retweeted
I'm excited to announce a new decompilation control flow structuring algorithm, SAILR, which is the first to precisely revert compiler optimizations in decompilation. Find out how in our USENIX 2024 paper: zionbasque.com/files/publica…. Code, info, and links in the 🧵
Emanuele Cozzi retweeted
13 Oct 2023
Earlier this year @AmnestyTech and @_clem1 from Google TAG found an in-the-wild iPhone zero day full chain. Today I’m publishing my analysis of the Safari sandbox escape component, the first in-the-wild sample to break into the new Safari GPU process.