LegbaCore training announcement

The 2-day agenda:
    Introduction to BIOS concepts
        General system configuration responsibilities
        Security-specific configuration responsibilities
    Hardware architecture
        SPI flash chip
    Usage of PCI for x86 system internals
    Talking to hardware through the PCI configuration space
    PCI Option ROMs (and their use in attack)
    BIOS access control mechanisms
        How they fail
        Tools to detect their failure
    System Management Mode (SMM)
        Why SMM is basically the best place for an attacker to live on an x86 system
        Discussion of how the BIOS instantiates SMM from flash chip contents
        Discussion of how attackers can break into SMM even without persisting on the flash chip
    Introduction to UEFI BIOS
        The UEFI phases and security parameters specific to UEFI
        UEFI Firmware Filesystem
    Reverse engineering UEFI modules
        Applying UEFI structure definitions in IDA Pro
    How Secure Boot & Measured Boot work
        Attacks against Secure Boot
        Attacks against Measured Boot
    Specific tools useful for performing further firmware security research


LegbaCore Summer Tour announced

LegbaCore, one of the main BIOS security research firms around, has updated their web site to include calendar information about their upcoming presentations and training for the Summer and early Fall.

They will be at HITB Singaport giving BIOS training in October. They’ll be speaking at BlackHat/DEFCON on Mac firmware attacks. They’ll be giving “Understanding x86-64 Assembly for Reverse Engineering and Exploits” training at BlackHat USA. They’ll be talking at SummerCon, entitled “How Many Million BIOSes Would You Like to Infect?”. “This talk will detail the result of our 1 month effort to infect the BIOS of every business class system we could get our hands on.”

They’ve also updated their Training resources. They now have *SIX* full days of BIOS/UEFI training!

More Information: