all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

HITB Phuket 2023 – Exploiting the Lexmark PostScript Stack

Add to bookmarks
Aug. 31, 2023, 9:23 a.m. | Aaron Adams

NCC Group Research Blog research.nccgroup.com

Aaron Adams presented this talk at HITB Phuket on the 24th August 2023. The talk detailed how NCC Exploit Development Group (EDG) in Pwn2Own 2022 Toronto was able to exploit two different PostScript vulnerabilities in Lexmark printers. The presentation is a good primer for those interested in further researching the Lexmark PostScript stack, and also […]

aaron august conferences development exploit exploit development exploiting good hardware & embedded systems hitb lexmark ncc postscript presentation presentations printers pwn2own stack study guide the talk toronto tutorial vulnerabilities vulnerability research

Visit resource

More from research.nccgroup.com / NCC Group Research Blog

Sifting through the spines: identifying (potential) Cactus ransomware victims 2 days, 6 hours ago | research.nccgroup.com
access blog cactus cactus ransomware +17
Public Report – Confidential Mode for Hyperdisk – DEK Protection Analysis 2 weeks ago | research.nccgroup.com
analysis architecture confidential data +19
Non-Deterministic Nature of Prompt Injection 2 weeks ago | research.nccgroup.com
attack easy explained exploiting +10
Technical Advisory – Ollama DNS Rebinding Attack (CVE-2024-28224) 2 weeks, 4 days ago | research.nccgroup.com
access advisory api attack +24
Public Report – Google Privacy Sandbox Aggregation Service and Coordinator 4 weeks, 1 day ago | research.nccgroup.com
aggregation companies google google privacy sandbox +16
Android Malware Vultur Expands Its Wingspan 4 weeks, 2 days ago | research.nccgroup.com
android android banking malware android malware authors +18
LTair: The LTE Air Interface Tool 1 month, 1 week ago | research.nccgroup.com
air attacks blog blog post +14
The Development of a Telco Attack Testing Tool 1 month, 1 week ago | research.nccgroup.com
attack blog challenges development +13
Public Report – AWS Nitro System API & Security Claims Italian 1 month, 3 weeks ago | research.nccgroup.com
amazon amazon web services api apis +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Director, Cybersecurity - Governance, Risk and Compliance (GRC)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
View on infosec-jobs.com

Information Security Risk Metrics Lead

@ Live Nation Entertainment | Work At Home-Connecticut
View on infosec-jobs.com

IT Product Owner - Enterprise DevSec Platform (d/f/m)

@ Airbus | Hamburg - Finkenwerder
View on infosec-jobs.com

Senior Information Security Specialist

@ Arthur Grand Technologies Inc | Arlington, VA, United States
View on infosec-jobs.com

Information Security Controls SME

@ Sword | Aberdeen, Scotland, United Kingdom
View on infosec-jobs.com
View more jobs