Tuesday, 17 March 2026

Black Hat USA 2025 | Shade BIOS: Unleashing the Full Stealth of UEFI Malware

UEFI security has been gaining significant attention, especially in the context of national security and cloud security, due to its high stealth capabilities and strong privileges. However, existing UEFI malware has only scratched the surface of what BIOS can do. They all eventually perform malbehaviors in userland or kernel and are dependent on OS-level security after all. There is some research on SMM backdoors that are purely BIOS implemented, but these implementations tend to be device dependent, resulting in low-versatility backdoors that only work on a specific PC. Moreover, with the current trends of SMM deprivileging, they won't be able to function anymore. We propose the concept "pure-BIOS malware", which operates completely independent from OS-level security and performs malbehaviors without device dependence at runtime. Then, we will introduce Shade BIOS, which made this possible. Shade BIOS operates like an attacker-exclusive OS by running BIOS environment, which would normally lose its functionality after OS boot, in the shadow of OS at runtime. In this talk, we dive into the technical details of Shade BIOS. Moreover, considering the latest trends in BIOS security, such as SMM deprivileging, we will take a broad perspective on BIOS and examine the optimal entity for pure-BIOS malware. As a starting point for detecting pure-BIOS malware, we will also demonstrate a practical method for detecting Shade BIOS.

By: Kazuki Matsuo | Security Researcher, FFRI Security, Inc.

Presentation Materials Available at: https://ift.tt/nQ9qDMb

source https://www.youtube.com/watch?v=t17YEHymwE4

Black Hat USA 2025 | Ransomware, Tracking, DoS, and Data Leaks on Xiaomi Electric Scooters

We present a broad security and privacy assessment of the internals of two popular Xiaomi e-scooters: the M365 (2016) and Mi3 (2023). The internals include a battery management system (BMS), an electric motor controller (DRV), and a Bluetooth Low Energy subsystem (BTS). We also analyze Mi Home, the official Xiaomi e-scooter companion app for Android and iOS. We uncovered four critical vulnerabilities through extensive static and dynamic reverse engineering, including a remote code execution flaw in the BMS. We exploit the vulnerabilities to conduct four novel attacks we call E-Trojans. The attacks can be executed remotely via a malicious mobile application installed on the victim's phone or in wireless proximity using a Bluetooth Low Energy (BLE) device. The attacks affect the e-scooter safety, security, availability, and privacy. For example, we present a new ransomware attack infecting the BMS and asking for a ransom while permanently damaging the e-scooter battery by silently undervolting its cells. We present the E-Trojans toolkit, an open-source and modular toolkit for reproducing our attacks and experimenting with Xiaomi e-scooters. The toolkit contains an automated patching module that creates modified BMS firmware with malicious capabilities, such as disabling firmware updates and overriding the battery safety thresholds. The toolkit also includes the Android app and Django/MongoDB backend required by our ransomware. Empirical tests confirm our attacks' effectiveness and practicality. For instance, our undervoltage ransomware can permanently reduce the autonomy of an M365 battery by 50% in three hours while asking for a ransom. We propose four countermeasures to enhance the security and privacy of the Xiaomi e-scooter ecosystem.

By: Marco Casagrande | Security Researcher, KTH; Daniele Antonioli | Professor, EURECOM

Presentation Materials Available at: https://ift.tt/oFnvRdh

source https://www.youtube.com/watch?v=k-UsaSfndQQ

Monday, 16 March 2026

Black Hat USA 2025 | No Hoodies Here: Organized Crime in AdTech

For nearly a decade, traffic distribution systems (TDSs) have enabled cybercriminals to hide the true nature of their operations. A TDS serves not only to 'cloak' their activity but also to ensure that victims are 'delivered' to the malicious bait they are most likely to take. These systems are so complex that they are often disregarded with off-hand references to 'a bunch of redirects,' but TDSs are critical enablers to a wide range of crime, from scams to information stealers. In this talk, we will unveil the true identity and nature of one of the most pervasive TDS operators in the landscape, which serves as a cautionary tale of how organized crime actors have created an adtech sector unnoticed by the security community. VexTrio operates the oldest documented (dating back to 2015), most prolific criminal TDS. For years, it was assumed that VexTrio was a gang of 'hackers in hoodies' operating in the dark web as part of the underground economy. In reality, VexTrio operates in the corporate world and their activities go far beyond traffic distribution. They run a vast enterprise that includes dozens of companies across adjacent industries (not just adtech) on multiple continents. We'll share how we unraveled their operations and how they responded to coordinated exposure, cementing our confidence in the conclusions. Unmasking VexTrio has been a watershed moment in understanding the role of organized crime within the adtech industry. Numerous other syndicates were discovered as a result, as well as their affiliations with one another. With this new perspective, attendees working in threat intelligence will see TDS in a different light, allowing them to help advance the industry's knowledge and capabilities to fight against malicious adtech. At the same time, attendees working in defender positions will understand events in their own network better.

By: Renée Burton | VP of Threat Intel, Infoblox; Dave Mitchell | Senior Director, Threat Intel, Infoblox; Christopher Kim | Senior Staff Threat Researcher, Infoblox

Full Session Details Available at: https://ift.tt/jlT5tbJ

source https://www.youtube.com/watch?v=o7jlWJ8_Xuc

Black Hat USA 2025 | Weaponization of Cellular Based IoT Technology

As IoT devices continue to integrate cellular technologies for communication, the potential risk for adversaries to weaponize the hardware's trust relationship and gain access to critical backend infrastructure grows exponentially. During this talk, we will present our research focused on how built-in cellular technology in IoT devices can be leveraged to gain access to and execute attacks against cloud services and backend private network environments. We will cover methods to modify IoT devices to take control over the installed cellular modules, allowing for injecting communications and establishing Man-in-the-Middle (MitM) traffic between the Micro Controller Units (MCU) and the cellular modules. We will demonstrate how control of onboard cellular communications could be used to launch attacks against the backend cloud infrastructure and network systems outside of the IoT device's intended purpose. During this presentation, we will demo and release proof-of-concept code to control the onboard cellular modules to accomplish these goals. We will also discuss techniques that manufacturers can leverage to reduce or mitigate the risk and impact of these attacks.

By: Deral Heiland | Principal Security Research (IoT), Rapid7; Carlota Bindner | Lead Product Security Researcher, Thermo Fisher Scientific

Presentation Materials Available at: https://ift.tt/lvK8S4p

source https://www.youtube.com/watch?v=eadubgujxGc

Friday, 13 March 2026

Black Hat USA 2025 | China's 5+ Year Campaign to Penetrate Perimeter Network Defenses

For more than five years, firewall vendors have been under a persistent, cyclical struggle against a well-resourced and relentless China-based adversary that has expended considerable resources developing custom exploits and bespoke malware expressly for the purpose of compromising enterprise firewalls in customer environments. In this first-of-its-kind presentation, I will walk attendees through the complete history of the campaign, detailing the full scope of attacks and the countermeasures one firewall vendor developed to derail the threat actors. The presentation will provide rich detail into the exploit development targeting specific firewalls, how the exploits were deployed and leveraged to compromise customers, and characteristics of the malware deployed inside the firewall's operating system as a result of these attacks. Fundamental to this presentation is the fact that the adversary behind this campaign has not targeted only one firewall vendor: Most of the large network security providers in the industry have been targeted multiple times, using many of the same tactics and tools. So this serves not merely as a warning to the entire security industry, but as an urgent call to the companies that make up this industry to collectively combat this ongoing problem. Because at the end of the day, we all face the same threat, and we cannot hope to withstand the tempo and volume of these attacks alone. We must work together.

By: Andrew Brandt | Hacker

Presentation Materials Available at: https://ift.tt/5oFN68L

source https://www.youtube.com/watch?v=z4COrX9YHcU

Thursday, 12 March 2026

Black Hat USA 2025 | Clue-Driven Reverse Engineering by LLM in Real-World Malware Analysis

IDA Pro feat. MCP (Model Context Protocol) is truly amazing! Through interactive chat windows, LLM can automatically complete reverse engineering tasks and even assist in generating malware analysis reports. At first glance, this technology seems to offer malware analysts the ability to "clock out early." But is this truly the case? Not quite! Malware analysis is not a CTF competition; the adversaries certainly won't reveal the correct answer. In the absence of ground truth, analysts must meticulously trace every step performed by the LLM, deeply understanding why the LLM reached a particular conclusion. Moreover, LLMs' generative nature tends to prioritize producing outputs whenever possible, even when lacking sufficient information, resulting in reasonable yet incorrect answers. In complex programs with highly interdependent functions, incorrect answers can snowball into catastrophic mistakes, ultimately leading to entirely inaccurate reverse engineering results. Therefore, blindly relying on LLM output is unreliable. Analysts often need to spend even more time verifying and correcting these outputs to ensure accuracy and reliability. To address these challenges in LLMs in automated malware analysis, we propose a clue-driven reverse engineering framework. By generating high-quality clues, such as API information and magic constants, in decompiled code and then devising analysis strategies based on these clues, our framework effectively reduces the errors generated by LLMs in uncertain situations and significantly improves the accuracy and stability of the results. Additionally, we designed validation mechanisms by integrating entropy-based evaluation methods with attention tracking technology to ensure that LLM outputs are based on reliable clues, preventing the further propagation of errors. This study demonstrates the potential of combining clue generation, clue-driven analysis strategies, and stabilization mechanisms to deliver novel, efficient technical solutions for malware analysis.

By: Tien-Chih Lin | Research Team Lead, CyCraft Technology; Wei Chieh Chao | Senior Cybersecurity Researcher, CyCraft Technology; Zhao-Min Chen | Cybersecurity Researcher, CyCraft Technology

Presentation Materials Available at: https://ift.tt/Lm5WafA

source https://www.youtube.com/watch?v=Ofo2RRaqVwU

Black Hat USA 2025 | Hack to the Future: Owning AI-Powered Tools with Old School Vulns

Harder, Better, Faster, Stronger isn't just the title of a Daft Punk song; it's also what developers hope to get out of the current wave of generative AI. As developers work to shove AI into everything and optimize every aspect of their workflow, the hard-won security lessons of the past are discarded in favor of shiny new objects, with devastating consequences. AI-powered developer tools and agents are meant to add efficiency and speed, but can also add attack surface and amplify vulnerabilities, creating issues where there weren't any previously. These tools often erode security boundaries, contain excess functionality, or are deployed with elevated permissions, a seemingly happy trade for developers looking to optimize. However, this trade creates real-world consequences for organizations and development teams who may have no idea how vulnerable the tools they use are or how exposed they may be. In this presentation, we demonstrate the impact of the regression away from common security practices with vulnerabilities we identified in developer productivity tools used by millions of developers across the globe. We spotlight specific trends and themes from the current wave of generative AI-based development and cover these attack categories, allowing others to quickly focus on addressing what matters most. We also cover generative AI-based quirks in operations and architecture that will continue to lead to security issues in the future. If you missed what it was like to hack in the early days when everything was insecure, now's your chance to go back in time!

By: Nathan Hamiel | Senior Director of Research, Kudelski Security; Nils Amiet | Lead Prototyping Engineer, Kudelski Security

Full Presentation Materials Available at: https://ift.tt/Hy4cTJA

source https://www.youtube.com/watch?v=oaU6a8nuyT8

Black Hat USA 2025 | How to Secure Unique Ecosystem Shipping 1 Billion+ Cores?

Security research has historically been focused on securing well-known, widely replicated ecosystems—where problems and solutions are shared across the industry. But what happens when you build something no one else has? How do you secure an architecture that's both proprietary and deployed at billion-core scale? In 2016, NVIDIA began transitioning its internal Falcon microprocessor—used as a logic controller in nearly all GPU products—to a RISC-V-based architecture. Today, each chipset includes 10 to 40 RISC-V cores, and in 2024, NVIDIA surpassed 1 billion RISC-V cores shipped. This success came with unique security challenges—ones that existing models couldn't solve. To address them, we developed a custom software and hardware security architecture from scratch. This includes a purpose-built Separation Kernel software, novel RISC-V ISA extensions like Pointer Masking and IOPMP (later ratified), and unique secure boot and attestation mechanisms. But how do you future-proof a proprietary ecosystem against tomorrow's threats? In this talk, we'll share what we learned—and what's next. From hardware-assisted memory safety (HWASAN, MTE) to control-flow integrity (CFI) and CHERI-like models, we'll explore how NVIDIA is preparing not only its RISC-V ecosystem for the evolving threat landscape. If you care about real-world security at an unprecedented scale, this is a journey you won't want to miss.

By: Adam Zabrocki | Director of Offensive Security, NVIDIA; Marko Mitic | System Software Manager, NVIDIA

Presentation Materials Available at: https://ift.tt/uCXUP7Z

source https://www.youtube.com/watch?v=JmAXnQJZbWg

Tuesday, 10 March 2026

Black Hat USA 2025 | Vulnerability Haruspicy: Picking Out Risk Signals from Scoring System Entrails

Vulnerability scoring is supposed to bring order to the chaos of risk management, but in practice, it can feel more like reading tarot cards or poking at entrails than applying science. CVSS performs monkey math to force fractal bell curves, EPSS tries to predict exploitation with statistical black magicks, and SSVC ditches math entirely in favor of structured gut feelings. Meanwhile, defenders mix and match shortcuts — KEV lists, vendor advisories, and lived experience — to separate the truly urgent from the merely annoying. But are we actually making better risk decisions, or just using these frameworks to justify what we were going to do anyway? This talk will dig into the strengths, weaknesses, and absurdities of CVSS, EPSS, and SSVC, comparing them to the reality of how security teams actually handle vulnerabilities. This talk will explore where these models help, where they mislead, and whether any of them are meaningfully better than rolling a D20 saving throw vs exploitation. Expect debate, disagreements, and plenty of astrology jokes.

By: Tod Beardsley | VP of Security Research, runZero

Presentation Materials Available at: https://ift.tt/bnu5d0o

source https://www.youtube.com/watch?v=CW0Awo7pN5M

Black Hat USA 2025 | How Tree-of-AST Redefines the Boundaries of Dataflow Analysis

In recent years, vulnerability discovery has largely relied on static analysis tools with predefined pattern matching and taint analysis. These traditional methods are not as efficient for complex codebases that span multiple files and utilize atypical input processing techniques. While successful for common vulnerability patterns, they frequently miss sophisticated attack vectors that operate across multiple functions, and sometimes multiple files. In this talk, we will be covering Tree-of-AST, a new framework that combines large language models with abstract syntax tree analysis to address the limitations above. This approach leverages a unique Locate-Trace-Vote (LTV) methodology that enables autonomous tracking of data flows within large-scale projects, even in the absence of predefined source patterns. We will be sharing conclusive benchmark analysis showing that the Tree-of-AST method outperforms established tools by discovering previously undetected vulnerabilities. The study was done on widely-used open-source projects. Further, we demonstrate that our system autonomously generates working exploits with a success rate above the industry average for similar tools. We would wrap up the talk by examining practical defensive strategies developers could implement to protect their codebases from similar emerging techniques, and discuss how automatic exploitation capabilities reshape the modern digital security landscape.

By: Sasha Zyuzin | Student, Bachelor's Degree, University of Maryland; Ruikai Peng | Founder, Pwno

Presentation Materials Available at: https://ift.tt/MBxqKGU

source https://www.youtube.com/watch?v=VNBEoLE_bGA

Sunday, 8 March 2026

Black Hat USA 2025 | Digital Dominoes: Scanning the Internet to Expose Systemic Cyber Risk

Policymakers and risk owners face significant challenges in managing systemic cyber risk, largely because few tools use empirical data to accurately identify and quantify it. But that data is essential to (1) identify vendors and technologies that require targeted measures, (2) track how systemic cyber threats evolve compared to non-cyber risk, and (3) assess the effectiveness of targeted interventions. Traditional approaches rely on backward-looking models or hypothetical scenarios—methods that can't keep pace with today's fast-moving, complex digital infrastructure. What's needed are real-time, data-driven insights that empower decision-makers to take meaningful action. We address this gap by leveraging internet-scale scanning to build a dynamic, empirical map of concentration risk—showing how systemic vulnerabilities spread across networks, technologies, and vendors. In a first-of-its-kind live demonstration, we will unveil a new risk visualization platform that highlights how risk concentrates within and across sectors, including those supporting critical national functions. Our findings challenge conventional wisdom. Many assumed sources of systemic risk have limited real-world impact, while some overlooked technologies (e.g., large industry-specific white label SaaS vendors) carry significant potential for cascading failures across society. Drawing from real-world examples in sectors such as financial services and manufacturing, we demonstrate how this platform—and the dynamic models behind it—can support more informed, data-driven policy interventions. Participants will leave with a clearer understanding of the systemic risk landscape, as well as actionable insights for developing smarter, more resilient national cyber strategies.

Participants will be able to:

- Define the Unseen: Understand systemic cyber risk in the real world—down to specific technologies, vendors, and interdependencies in the digital supply chain.
- Track, Quantify, Predict: Monitor how cyber threats evolve, compare risk levels across sectors, and assess impact alongside traditional risk categories.
- Test What Works: Evaluate potential policy interventions using dynamic, empirical models grounded in real infrastructure data—not theoretical scenarios.

By: Morgan Hervé-Mignucci | Head of ERM Analytics, Coalition, Inc.

Presentation Materials Available at: https://ift.tt/Rc1SdmN

source https://www.youtube.com/watch?v=sPyhJykSLUw