Monday, 19 May 2025

The Bugs in Your Bootloaders: Embedded Device Secure Boot Fails and How to Fix Them

Many embedded devices use complex boot sequences to initiate their operating systems. These boot chains often implement security features that enforce the authenticity and integrity of each boot stage, forming a chain of trust. Often, a single vulnerability is enough to break and circumvent these chains of trust. We think that this, combined with a lack of basic hardware security features, is an industry-wide problem. In this presentation, we show how to easily break secure boot implementations by exploiting bootloader vulnerabilities using physical access or remote, root-equivalent access. One of our examples is a fully-patched network device that runs a fork of grub 0.97 (yes, the legacy one). We also show how it was possible to fully compromise the Dell iDRAC9 secure boot chain using a new vulnerability called "RootBlock". This class of vulnerabilities allows an attacker to achieve the highest possible level of compromise: Undetectable arbitrary code execution that can persist across all sorts of recovery or reset attempts. Unfortunately, vendors often need to resort to drastic measures to fix these vulnerabilities and in the worst cases these vulnerabilities remain unfixed until updated hardware is shipped. We briefly discuss our process of identifying, exploiting, reporting, and receiving fixes for these vulnerabilities and present a survey of popular bootloaders, in which we analyze their attack surface. Since bootloaders are often shared across many different types of devices and vendors, this is a great opportunity to help secure embedded devices across the entire industry. Motivated by that, we discuss what needs to happen to rule out such vulnerabilities entirely.
By: Henrik Ferdinand Nölscher | Security Engineer, Google
Full Abstract and Presentation Materials: https://ift.tt/7UkXwiq

source https://www.youtube.com/watch?v=eZczwNFzxus

Thursday, 15 May 2025

The Double (AI) Agent: Flipping a GenAI Agent Behavior

The Double (AI) Agent: Flipping a GenAI Agent Behavior from Serving an Application to Attacking it using Promptwares
Function calling (a.k.a. Plan & Execute) is a groundbreaking application of generative AI (GenAI). By dynamically planning a solution for a given user input, it offers a powerful alternative to traditional, pre-coded approaches. GenAI engines are used to craft a tailored plan (based on the available functions within an application) which independent agents subsequently execute. Despite its rapid adoption in the industry and integration into countless applications (e.g., chatbots, assistants), the risks associated with function calling (agents-based GenAI applications) remain largely unexplored. This talk discusses PromptWare, a new emerging risk to agents-based GenAI applications. PromptWare is a family of zero-click input prompts that, when given as inputs to GenAI applications, flip the behavior of the GenAI engine from serving the application to attacking it. In the first part of the talk, we discuss the properties and uses of PromptWares. Next, we discuss a naive variant of Promptware intended to target applications whose interface with the GenAI engine is known to attackers. We show how attackers could exploit such knowledge to trigger a DoS attack against a GenAI-powered assistant by forcing the agents to enter an infinite loop which wastes redundant API calls to the GenAI engine. Next, we discuss Advanced Promptware Threats (APwT), an advanced variant of Promptware that targets applications with no prior knowledge.
We show how attackers could write a prompt that exploits the advanced AI capabilities of GenAI to conduct real-time reconnaissance (by understanding the context of the GenAI-powered application, and identifying the assets in its context), threat reasoning (enumerating the possible malicious activities that could be conducted and deciding on one) and finally use an agent to execute a malicious activity within the context of the application. We show how attackers could write APwT that forces an e-commerce chatbot to provide them discounts.
By: Ben Nassi | Infosec Researcher, Technion; Stav Cohen | PhD Student, Technion – Israel Institute of Technology; Ron Bitton | Principal AI/ML Security Researcher, Intuit
Full Abstract and Presentation Materials: https://ift.tt/iVNhoq4

source https://www.youtube.com/watch?v=2xGcqDmkkf8

Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea

Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea – Threat Actors, Tactics, and Defense Strategies
State-sponsored threat actors have expanded their arsenal of surveillance tooling, leaning into mobile malware as a way to acquire information about a target or target group that had otherwise been inaccessible through traditional desktop campaigns. With more than 86% of the worldwide population using a smartphone, attackers have access to the perfect espionage device in the pockets of nearly every potential target. However, APTs from various regions tend to conduct operations in significantly different ways. In this session, we'll explore the landscape of state-sponsored surveillance activity using case studies from Russian, Chinese and North Korean threat actors. We'll discuss their choice of targeting and the different methodologies each employs while introducing several previously unreported malware families that highlight the differences in these state-sponsored operations.
By: Kristina Balaam | Senior Staff Security Intelligence Researcher, Lookout; Kyle Schmittle | Senior Security Intelligence Researcher, Lookout; Alemdar Islamoglu | Senior Staff Security Intelligence Researcher, Lookout
Full Abstract and Presentation Materials: https://ift.tt/wNdQ3JY

source https://www.youtube.com/watch?v=AkNzyvGbB50

UNC1860 and The Temple of Oats - Iran's hidden hand in Middle Eastern Networks

This session is a master class in piecing together seemingly unrelated tools and incidents into a single cohesive story about a rising threat group, UNC1860. For years, UNC1860, a state-sponsored Iranian threat actor, operated covertly, leaving behind a trail of tools and incidents that multiple security vendors could not attribute to a single entity. Through meticulous investigation, we were able to correlate the clues about this actor and expose not only its full arsenal but also its intent and tactics. While remaining largely obscured despite its persistent targeting of governments, telecommunications and critical infrastructure entities across the Middle East since at least 2018, this group has in fact played the role of an advanced access broker employed by the Iranian government quite often. In this talk, we will shed light on the advanced aspects of the group's activity. This includes their sophisticated use of Windows kernel-mode drivers that entailed repurposing Iranian AV drivers, as well as developing custom kernel implants that demonstrated the group's extensive reverse engineering capabilities of Windows kernel components. Moreover, our research will reveal previously undisclosed tools extracted from victim systems that were used as webshells and passive backdoor controllers in production environments. Drawing on Google Cloud - Mandiant's real-world incident response experience in the Middle East, we will illustrate UNC1860's distinct tactics within compromised environments, demonstrating how their activities facilitate operations for a large spectrum of Iranian threat actors. This includes destructive attacks against government networks that have garnered international attention and sophisticated espionage operations by MOIS-affiliated APTs. By connecting the dots of UNC1860's activities, we will unveil a critical component of Iran's cyber strategy and the associated risks to organizations in the region and beyond.
By: Stav Shulman | Staff Security Researcher, Google Cloud
Full Abstract and Presentation Materials: https://ift.tt/LMeSpzK

source https://www.youtube.com/watch?v=ijHL3V08Z2I

Wednesday, 14 May 2025

Vulnerabilities in the eSIM download protocol

Downloadable eSIM is replacing physical SIM cards in mobile phones. The GSM Association (GSMA) defines the consumer Remote SIM Provisioning (RSP) protocol that enables consumers to download SIM profiles to a secure element in their mobile devices. These profiles contain the credentials for authenticating the device and subscriber to the mobile network. The security of the downloaded profile is critically important for protecting mobile communication and billing, and various other applications depend on these credentials for user authentication. We modeled the protocol with formal methods and performed an in-depth analysis of its security properties. This talk presents the results of the analysis in an understandable form for security practitioners. We will explain the RSP protocol architecture and the assumptions made in its design. We then present several realistic scenarios where the assumptions might not hold and vulnerabilities that arise. One observation is that the dependence of the RSP protocol on TLS encapsulation creates unnecessary weaknesses. Another observation is that the trust model of the protocol assumes all download servers to be trustworthy, and the compromise of even one download server will seriously weaken the protocol. Similarly, the protocol assumes all secure elements in all mobile devices to remain secure, and the compromise of a small number of devices can be misused to attack other devices and users. At the protocol design level, we show how the lack of pre-established identifiers contributes to these vulnerabilities. Additionally, we explain how the lack of reliable methods for verifying user intent to download an eSIM can lead to security failures that are similar to SIM swapping. We suggest improvements to the protocol and identify practical solutions for mitigating the vulnerabilities in the current eSIM deployments. 
By: Abu Shohel Ahmed | Dr, Aalto University; Tuomas Aura | Professor, Aalto University
Full Abstract and Presentation Available: https://ift.tt/WGebKZM

source https://www.youtube.com/watch?v=v0muR5UGFB8

Tuesday, 13 May 2025

Redefining the Origin of Secrecy in a Post-Quantum World

The post-quantum era demands innovative approaches to key generation that can withstand the capabilities of quantum adversaries, making secure and scalable symmetric key creation more essential than ever. Key agreement and distribution methods, old and new, achieve secrecy by constructing relative distinguishability and indistinguishability through high-complexity mathematical constructions or quantum phenomena. This talk explores and compares a range of these approaches against a quantum threat model, from mathematical problem-based techniques to quantum-based solutions, and introduces an alternative strategy: leveraging the properties of finite randomness. This unique, quantum-safe method reimagines the origin of secrecy by utilizing a straightforward resource as a foundation for mutual secrecy. In doing so, it offers a resilient and efficient path forward, effectively addressing the challenges posed by an impending quantum threat.
By: Frey Wilson | Co-Founder and Chief Technology Officer, Cavero Quantum
Full Abstract and Presentation Materials: https://ift.tt/3PdYavt

source https://www.youtube.com/watch?v=dxJfjcQPZo8

Monday, 12 May 2025

Over the Air: Compromise of Modern Volkswagen Group Vehicles

Modern cars offer an increasing number of connected features: in-vehicle Wi-Fi, Bluetooth, and USB to name a few. At the same time, the internal architecture of a modern car is closed in nature. This situation, coupled with the fact that car security directly affects everyone's safety, makes cars extremely important targets for security research. The talk will disclose a chain of critical vulnerabilities in the Infotainment System used in many Volkswagen Group vehicles including Skoda Superb III 2022, which allowed would-be attackers to gain code execution on the MIB3 infotainment unit over Bluetooth, elevate privileges to root, bypass secure boot to gain persistent code execution, and control the infotainment unit via a DNS channel every time the car starts. Tracking vehicle location & speed in real-time? Piece of cake! Want to play spy and listen in through the car's mic? Bam, just like that! Stealing the phone contact database and ruining the owner's privacy? Just ask. Since the MIB3 infotainment unit is used in numerous Skoda & Volkswagen cars, the number of affected vehicles counts in millions.
By: Danila Parnishchev | Head of Security Assessment, PCAutomotive; Artem Ivachev | Senior Security Researcher, PCAutomotive; Mikhail Evdokimov | Senior Security Researcher, PCAutomotive; Aleksei Stennikov | Hardware Security Expert, PCAutomotive; Polina Smirnova | Senior Security Researcher, PCAutomotive; Radu Motspan | Senior Security Researcher, PCAutomotive
Full Abstract and Presentation Materials: https://ift.tt/uClHI8X

source https://www.youtube.com/watch?v=gSudZtBIyX4

Friday, 9 May 2025

Main Stage: Understanding and Reducing Supply Chain and Software Vulnerability Risks

In complex software ecosystems, individual application risks are compounded. When it comes to mitigating supply chain risk, identifying backdoors or unintended vulnerabilities that can be exploited in your environment is just as critical as staying current with the latest hacking intel. Understand how to spot and reduce the risk to your environment and prevent disruption to your operation.
By: Danny Jenkins | CEO & Co-Founder, ThreatLocker
Full Abstract Available: https://ift.tt/Hbq9jM5

source https://www.youtube.com/watch?v=miDslKwJ1PM

Thursday, 8 May 2025

Locknote: Conclusions and Key Takeaways from Black Hat Europe 2024

Join Black Hat Founder Jeff Moss and Black Hat Europe Review Board members for an insightful conversation on the most pressing issues facing the InfoSec community. This Locknote will feature a candid discussion on the key takeaways coming out of the Black Hat EU conference and how these trends will impact future InfoSec strategies.
By: Jeff Moss | Founder of Black Hat and DEF CON Conferences & Former Chief Security Officer and VP at ICANN, U.S. Department of Homeland Security Advisory Council; Stefano Zanero | Professor, Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico di Milano; James Forshaw | Security Researcher, Google; Meadow Ellis | Lead Hardware Security Engineer; Vandana Verma | Global Board of Directors, OWASP Foundation
Full Abstract Available: https://ift.tt/gpxQFDG

source https://www.youtube.com/watch?v=uGjV3hkiCrw

LLMbotomy: Shutting the Trojan Backdoors

Large Language Models (LLMs) are rapidly expanding their functionalities (such as browser-based internet access, interfacing with code interpreters, and connecting to peripheral devices), positioning them as central processing hubs. This transformation heralds LLMs as the new abstraction layer for operating systems, necessitating robust security frameworks to ensure their integrity. As more vendors release foundational LLMs, the urgency for robust security measures grows. While existing research primarily focuses on external threats like prompt injection and other input-based attacks, our research addresses embedded threats such as Trojan backdoors: malicious modifications inserted during the training lifecycle and triggered by specific inputs to cause harmful behaviors. This orthogonal strategy complements existing security guardrails by adding an additional layer of defense, enhancing the overall protection framework. The rising concern over these embedded threats, deliberately introduced through malicious intent or inadvertently through data poisoning, underscores the necessity for our focused approach on these newly emerging attack surfaces. In this talk, we introduce a novel approach to mitigate LLM Trojans. We propose targeted noising of neurons, identifying critical ones through their activation patterns in LLMs. Our findings show that noising these important neurons can effectively neutralize most Trojans in a model. We demonstrate that Trojans newly inserted by us tend to share neurons with existing ones, allowing us to locate, then neutralize both new and pre-existing Trojans without prior knowledge of the Trojans' presence. This technique ensures that the model retains almost its full functionality and performance while effectively blocking Trojan activations.
By: Tamás Vörös | Senior Data Scientist, Sophos
Full Abstract and Presentation Materials: https://ift.tt/wIXqdgN

source https://www.youtube.com/watch?v=Zbo4I0IKhTs

Keynote: Frédérick Douzet

Frédérick Douzet is Professor of Geopolitics at the University of Paris 8, director of the French Institute of Geopolitics research team (IFG Lab) and director of the Center Geopolitics of the Datasphere (GEODE). She was appointed a senior member of the Institut Universitaire de France in 2022 and is the Principal Investigator of the ERC Advanced Grant project DATAROUTES. Frédérick Douzet was a Commissioner of the Global Commission on the Stability of Cyberspace (2017-2020) and a member of the French Defense Ethics Committee (2020-2023). In 2017, she was part of the drafting committee for the French Strategic Review of Defense and National Security. From 2013 to 2018, she was the director of the Castex Chair of Cyberstrategy at the Institute of Higher National Defense Studies (IHEDN). In 2021, she was a member of the Bronner Commission on Disinformation appointed by President Emmanuel Macron.
By: Frédérick Douzet | Director, Geopolitics of the Datasphere
Full Abstract Available: https://ift.tt/hOn8jr1

source https://www.youtube.com/watch?v=CfY5oqa1jQ0