HITB-GSEC presentations online

HITB-GSEC is happening, slides are uploaded in near real-time, day 1 presentations are up:


Whitepaper from Legbacore on Thunderstrike

At GSEC HITB Singapore 2015, Legbacore gave pre-conference training. As well, they gave a presentation on Thunderstrike. Beyond the presentation slides, the whitepaper is now available!


Click to access D2%20-%20Xeno%20Kovah%20-%20Thunderstrike%202%20-%20Sith%20Strike.pdf

Click to access Xeno%20Kovah%20-%20Thunderstrike%202%20-%20Sith%20Strike.pdf

LegbaCore Summer Tour announced

LegbaCore, one of the main BIOS security research firms around, has updated their web site to include calendar information about their upcoming presentations and training for the Summer and early Fall.

They will be at HITB Singaport giving BIOS training in October. They’ll be speaking at BlackHat/DEFCON on Mac firmware attacks. They’ll be giving “Understanding x86-64 Assembly for Reverse Engineering and Exploits” training at BlackHat USA. They’ll be talking at SummerCon, entitled “How Many Million BIOSes Would You Like to Infect?”. “This talk will detail the result of our 1 month effort to infect the BIOS of every business class system we could get our hands on.”

They’ve also updated their Training resources. They now have *SIX* full days of BIOS/UEFI training!

More Information:



Upcoming UEFI/BIOS security training

Here are two upcoming UEFI/BIOS security related training events being taught by industry experts (listed by date):

Security of BIOS/UEFI System Firmware from Attacker’s and Defender’s Perspective
When: Jun 16-18 2015
What: Recon
Where: Hyatt Regency Montreal
Instructors: Yuriy Bulygin, Oleksandr Bazhaniuk, Andrew Furtak and John Loucaides

Introductory BIOS & SMM Attack & Defense
When: Oct 12-16, 2015
What: HITB GSEC Singapore
Where: Sheraton Towers Singapore
Instructors: Xeno Kovah, Corey Kallenberg