7 Hardware & Firmware Hacks Highlighted at Black Hat 2017

Researchers will hammer home potentially devastating attacks, and demo a range of vulnerabilities, techniques and tools.
Taking DMA Attacks To The Next Level: How To Do Arbitrary Memory Reads/Writes In A Live And Unmodified System Using A Rogue M
Breaking The x86 Instruction Set
Fractured Backbone: Breaking Modern OS Defenses With Firmware Attacks
Hacking Hardware With A $10 SD Card Reader
Firmware Is The New Black - Analyzing Past Three Years Of BIOS/UEFI Security Vulnerabilities
Betraying The BIOS: Where The Guardians Of The BIOS Are Failing
Evilsploit – A Universal Hardware Hacking Toolkit

When enterprises build their security models based on implied trust at the hardware and firmware level, they're building them on a foundation of sand. Security researchers are going to repeatedly hammer that lesson home at Black Hat this week as they demonstrate a range of vulnerabilities, attack techniques and tools designed to get as close to the bare metal of systems as possible.

"Researchers have started really challenging the assumptions that we have about the security of platforms and digging into that," says Stefano Zanero, a researcher and associate professor at Politecnico di Milano, as well as a Black Hat review board member. "These are the very basic hardware-related features of our computers — they are things that a very, very limited amount of people have been looking into for decades, but they are growing in importance right now."

It's a dangerous category of flaws as they tend to render protections higher up the platform stack completely moot. Exploiting low-level vulnerabilities in hardware, firmware and instruction sets makes it possible for attackers to quietly and persistently take full control over even the most well-patched and defended devices.

Here are the talks most likely to make waves this week.

Next slide
Recommended Reading: