Tag: ZeroNights
ZeroNights 2018: videos uploaded
ZeroNights: Turning your BMC into a revolving door
HPE iLOv5 Firmware Updates, Local Bypass of Security Restrictions
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03894en_us
[…]Release Date: 2018-10-30[…]
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates.[…]
ZeroNights 2018: NUClear explotion
Alexander Ermolov and Ruslan Zakirov will deliver their «NUClear explotion» talk. A major and most significant approach to UEFI BIOS security is preventing it from being illegitimately modified and the SPI flash memory from being overwritten. Modern vendors use a wide range of security mechanisms to ensure that (SMM BLE / SMM BWP / PRx / Intel BIOS Guard) and hardware-supported verification technologies (Intel Boot Guard). In other words, they do everything just not to let an attacker to place a rootkit into a system. Even the likelihood of execution in the most privileged mode of a processor – System Management Mode (can be achieved through vulnerable software SMI handlers) – is of no interest to adversaries since it does not guarantee they will be able to gain a foothold in a system. A single reboot and an attack must be started anew. However, there is a thing that can make all BIOS security mechanisms inefficient. And this thing is a vulnerable update mechanism implemented by a vendor. Moreover, quite often a legitimate updater adds lots and lots of critical security holes to a system. In this talk, we will speak about how vendors manage to throw all those security flaws together in one system using Intel NUC, a small home PC, as an example. Besides, we will demonstrate how an adversary can compromise BIOS from the userland.
https://2018.zeronights.ru/en/news/the-selection-of-zeronights-2018-talks-is-finished/
ZeroNights CFP open
Nikolaj’s ZeroNights UEFI video online
The video of Nikolaj Schlej from ZeroNights is now online!
https://www.youtube.com/watch?v=n2Tv48r1j3k
Sources and slides are here:
Hypervisor talk from ZeroNights available
Alex Matrosov’s presentations — one of which is on attacking hypervisors — from Zero Nights are now online!
https://github.com/REhints/Publications/tree/master/Conferences/Zeronights’2015
Nikolaj’s ZeroNights presentation available
Congratulations to Nikolaj on his first presentation! His presentation is now available!
The section on Protections is especially worth reading!
https://twitter.com/NikolajSchlej/status/669902996046761984
ZeroNights
ZeroNights is coming up this December in Moscow. There are multiple firmware security-related presentations at this event,
Not only will Nikolaj Schlej will be speaking on UEFI, perhaps his first conference presentation?
But there are at least two other firmware-related presentations:
They also have a Hardware Hacking Village. Looks like a fun conference.
http://2015.zeronights.org/agenda.html
http://2015.zeronights.org/workshops.html
Nikolaj Schlej to speak on UEFI at ZeroNights
Nikolaj Schlej, firmware security researcher and creator of UEFITool, will be speaking at ZeroNights 2015 in November 25-26 in Moscow, Russia, his first security conference presentation! His presentation is called “UEFI: Fix it yourself”, and he’s one of a handful of people that can accomplish that. 🙂
Firmware Security 