Uncategorized

Black Hat: System Firmware Attack and Defense for the Enterprise

A variety of attacks targeting system firmware have been discussed publicly, drawing attention to interaction with system firmware components. This includes operating system loaders, secure boot mechanisms, runtime interfaces, and system management mode (SMM). This training will detail and organize objectives, attack vectors, vulnerabilities, and protection mechanisms in this fascinating environment. The training includes two parts.
1. Present a structured approach to system firmware security analysis and mitigations through lecture and hands-on exercises to test system firmware for vulnerabilities. After the training, students will have basic understanding of platform hardware components, system firmware components, attacks against system firmware, and available mitigations. Students can apply this knowledge to identify firmware vulnerabilities and perform forensic analysis.
2. Apply concepts to an enterprise environment. Using an understanding of security issues, students explore potential risks to operational environments including both supply chain and remote malware attacks. Students will perform assessments and basic forensic analysis of potential firmware attacks.

https://www.blackhat.com/us-18/training/schedule/index.html#system-firmware-attack-and-defense-for-the-enterprise-9792

 

Standard

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s