6/10/2013
02:31 PM

Black Hat USA 2013 Showcases NAND, Windows 8 Secure Boot Hacking Talks

Organizers confirm another trio of Briefings from the show

[NOTE: Black Hat and Dark Reading are both part of UBM Tech. As the key July 27th-August 1st information security event in Las Vegas approaches, we'll be sharing information about the show directly from its creators here on Dark Reading.]

As July's Black Hat US in Las Vegas nears, organizers have confirmed another trio of highlighted Briefings from the show, which all focus, in some way or other, on getting under the skin of key systems. Here's the official rundown:

-- Technologies don't get much more ubiquitous than NAND memory, which is used in just about every gadget going. But ubiquity rarely equals safety, as Josh "m0nk" Thomas will demonstrate in "Hiding @ Depth: Exploring, Subverting, and Breaking NAND Flash Memory." Thomas will show how NAND hardware can be subverted to hide persisting files, opening the door to everything from basic malware to full-on device bricking. He'll release two open-source Android tools to both hide and reveal these hidden files, and explore the security implications of NAND's striking vulnerabilities. Think there's an easy fix? Unlikely. Come to the session for the full appraisal.

-- Windows 8's Secure Boot, based on UEFI 2.3.1's Secure Boot, marks a needed, long-in-coming step toward securing boot sequences against malware. But as ever, the devil is in the minute details, and it turns out that platform vendors are making certain mistakes that can completely undermine Secure Boot's intended protections. Join Intel's Yuriy Bulygin for "A Tale of One Software Bypass of Windows 8 Secure Boot," in which he'll demo a full software bypass of Windows 8 Secure Boot and explain how these breaches could have been avoided had the hardware vendors done things differently.

-- Cracking crypto is fun, but the high cost of relevant hardware can be a discouraging barrier to entry; not everyone can afford the fancy oscilloscopes used by researchers. But never fear. In "Power Analysis Attacks for Cheapskates," Colin Flynn will show you how to create surprisingly advanced crypto-cracking systems that cost a few hundred dollars instead of a few thousand and, as a bonus, can fit in your pocket. Flynn deploys open-source technologies, from the capture board to the Python tools, so attendees will walk away with all the knowledge needed to put together their own low-cost power analysis labs.

More information about Black Hat USA 2013, which has a rapidly growing set of Briefings talks, as well as a comprehensive set of two- and four-day trainings, is available now -- and online registration, at a reduced rate from onsite, is open until July 24th.
