REcon Brussels 2018 slides uploaded

February 22, 2018 ~ hucktech ~ Leave a comment

REcon BRX 2018 Slides are here !!https://t.co/qprK07Ivug

— REcon Brussels (@reconbrx) February 12, 2018

Starcraft: Emulating a buffer overflow for fun and profit – Elias Bachaalany
Subverting your server through its BMC: the HPE iLO4 case – Alexandre Gazet, Joffrey Czarny, Fabien Perigaud
Breaking state-of-the-art binary code obfuscation – Tim Blazytko, Moritz Contag
Decompiler internals: microcode – Ilfak Guilfanov
Mess with the best, die like the rest (mode) – Volodymyr Pikhur
Hacking Toshiba Laptops – Michał Kowalczyk, Serge Bazanski
Dissecting QNX – Ali Abbasi, Jos Wetzels
Robin Hood vs Cisco ASA AnyConnect – Cedric Halbronn
Linux Vulnerabilities, Windows Exploits: Escalating Privileges with WSL – Saar Amar
DIY ARM Debugger for Wi-Fi Chips- Matthias Schulz
Reversing IoT: Xiaomi ecosystem – Dennis Giese, Daniel Wegemer
Visiting The Snake Nest – Matthieu Faou, Jean-Ian Boutin
Reverse Engineering Windows Defender’s JavaScript Engine – Alexei Bulazel

https://recon.cx/2018/brussels/slides/

Slides for coreboot/UEFI talk from REcon available

February 22, 2017 ~ hucktech ~ Leave a comment

Slides from our "New vulnerabilities in Coreboot and UEFI based firmware" talk at @reconbrx : https://t.co/i4cmlqLNNt [pdf]

— Yuriy Bulygin (@c7zero) February 22, 2017

Our slides from #reconbrx "Baring the system" (analysis of BAR overlapping vuln.) at https://t.co/BKTogCYPch // @c7zero @reconbrx @reconmtl

— Alex Bazhaniuk (@ABazhaniuk) February 22, 2017

Click to access REConBrussels2017_BARing_the_system.pdf

http://www.intelsecurity.com/advanced-threat-research/index.html

Yuriy and Oleksandr at REcon

January 18, 2017 ~ hucktech ~ Leave a comment

"Baring the system: New vulnerabilities in SMM of Coreboot and UEFI based systems" @reconbrx by @ABazhaniuk & myself https://t.co/Yq1mO4fpl8

— Yuriy Bulygin (@c7zero) January 17, 2017

Baring the system: New vulnerabilities in SMM of Coreboot and UEFI based systems
By: Yuriy Bulygin, Oleksandr Bazhaniuk

Previously, we discovered a number of vulnerabilities in UEFI based firmware including software vulnerabilities in SMI handlers that could lead to SMM code execution, attacks on hypervisors like Xen, Hyper-V and bypassing modern security protections in Windows 10 such as Virtual Secure Mode with Credential and Device Guard. These issues led to changes in the way OS communicates with SMM on UEFI based systems and new Windows SMM Security Mitigations ACPI Table (WSMT). This research describes an entirely new class of vulnerabilities affecting SMI handlers on systems with Coreboot and UEFI based firmware. These issues are caused by incorrect trust assumptions between the firmware and underlying hardware which makes them applicable to any type of system firmware. We will describe impact and various mitigation techniques. We will also release a module for open source CHIPSEC framework to automatically detect this type of issues on a running system.

https://recon.cx/2017/brussels/talks/baring_the_system.html

Yuriy to speak at REcon Brussels

Yuriy to speak at REcon Brussels

January 5, 2017 ~ hucktech ~ Leave a comment

We'll talk about a class of new vulnerabilities affecting systems with both (U)EFI & Coreboot based firmware @reconbrx

— Yuriy Bulygin (@c7zero) January 4, 2017

If you follow system firmware security, you may like our "Baring the system" talk at RECon Brussels @reconbrx

— Yuriy Bulygin (@c7zero) January 4, 2017

Recon Brussels 2017 talks list has been released https://t.co/5n6vgC4PA7

— REcon Brussels (@reconbrx) December 27, 2016

https://recon.cx/2017/brussels/