Not only is DEF CON happening (maybe):
but Black Hat Briefings is also happening:
https://www.blackhat.com/us-15/briefings.html
There are numerous talks related to firmware security. Here’s the initial list of events that caught my eye, and I’m sure I missed a few gems. The Thunderstrike talk sounds very interesting, as does the talk on firmware attacks to hypervisors! I’m looking forward to trying Unicorn and Angr. The problem with big conferences is there’s too many good talks to attend, and I haven’t cloned myself yet.
* Advanced IC Reverse Engineering Techniques: In Depth Analysis of a Modern Smart Card, Olivier Thomas
* Using Static Binary Analysis to Find Vulnerabilities and Backdoors in Firmware, Christopher Kruegel, Yan Shoshitaishvili
* Attacking Hypervisors Using Firmware and Hardware, Yuriy Bulygin, Alexander Matrosov, Mikhail Gorobets, Oleksandr Bazhaniuk
* Attacking Your Trusted Core: Exploiting Trustzone on Android, Di Shen
* Cloning 3G/4G SIM Cards with a PC and an Oscilloscope: Lessons Learned in Physical Security, Yu Yu
* Exploiting the DRAM Rowhammer Bug to Gain Kernel Privileges, Mark Seaborn, Halvar Flake
* Fuzzing Android System Services by Binder Call to Escalate Privilege, Guang Gong
* The Memory Sinkhole – Unleashing an x86 Design Flaw Allowing Universal Privilege Escalation, Christopher Domas
* These are Not Your Grand Daddys CPU Performance Counters – CPU Hardware Performance Counters for Security, Nishad Herath, Anders Fogh
* ThunderStrike 2: Sith Strike, Trammell Hudson, Xeno Kovah, Corey Kallenberg
* Unicorn: Next Generation CPU Emulator Framework, Nguyen Anh Quynh, Hoang-Vu Dang
Firmware Security 