• ABOUT
  • CVE DATABASE
  • CONTACT
  • VISIT SENTINELONE.COM
Back
  • ABOUT
  • CVE DATABASE
  • CONTACT
  • VISIT SENTINELONE.COM

Assaf Carlsbad

Assaf Carlsbad is a security researcher and a member of the Innovation team at SentinelOne. Previously, he spent nearly six years at Unit 8200, where he took part in various R&D projects. His current interests include reverse engineering, Windows kernel security and digging into UEFI firmwares.
Security Research

Another Brick in the Wall: Uncovering SMM Vulnerabilities in HP Firmware

Assaf Carlsbad / March 10, 2022

How we used Brick to discover six different vulnerabilities affecting HP laptops' firmware

Read More
Security Research

Zen and the Art of SMM Bug Hunting | Finding, Mitigating and Detecting UEFI Vulnerabilities

Assaf Carlsbad / March 3, 2022

In Part 5 of our ongoing series on UEFI security research, we dive into the fascinating world of hunting and exploiting SMM vulnerabilities.

Read More
Security Research

Adventures From UEFI Land: the Hunt For the S3 Boot Script

Assaf Carlsbad / April 8, 2021

In Part 4 of our UEFI Internals and Exploitation series, we abandon VMs and dive into UEFI on a physical machine. The quest: recovery of the S3 Boot Script.

Read More
Security Research

Moving From Dynamic Emulation of UEFI Modules To Coverage-Guided Fuzzing of UEFI Firmware

Assaf Carlsbad / November 2, 2020

In Part 3 of our series on emulating, debugging and fuzzing UEFI modules, we provide a step-by-step guide to making a coverage-guided fuzzer for UEFI code.

Read More
Security Research

Moving From Manual Reverse Engineering of UEFI Modules To Dynamic Emulation of UEFI Firmware

Assaf Carlsbad / October 8, 2020

Learn how to emulate, trace, debug, and Reverse Engineer UEFI modules in part 2 of our new blog series on Firmware Security

Read More
Security Research

Moving From Common-Sense Knowledge About UEFI To Actually Dumping UEFI Firmware

Assaf Carlsbad / August 5, 2020

The first in a series of posts for researchers on how to emulate, debug and fuzz UEFI modules, we begin with a refresher on how to dump SPI flash memory.

Read More

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Latest Tweet

  • New from SentinelLabs! A new #typosquatting attack against the #PyPI repository targets enterprise Macs with a dis… https://t.co/YIKUYfqSDf38 days ago
  • We just released a research on a supply-chain attack against the Rust development community. We referred to it as… https://t.co/T6T3Cp5cWa44 days ago
  • The Centre for Cybersecurity Belgium (CCB) kindly invites you to its online CCB Share & Connect event – previousl… https://t.co/7yoL03kHyp61 days ago
  • New on #SentinelLabs! We have disclosed 10.0 CVSS vulnerabilities on Microsoft’s Azure Defender for IoT allowing u… https://t.co/cEnYqccXrV95 days ago

Recent Posts

  • Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years
    Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years
    June 9, 2022
  • Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs
    Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs
    May 25, 2022
  • CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
    CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
    May 19, 2022

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

  • Twitter
  • LinkedIn
©2022 SentinelOne, All Rights Reserved.