ThunderStrike 2: Sith Strike

Black Hat USA 2015

Presented by: Trammel Hudson, Corey Kallenberg, Xeno Kovah
Date: Thursday August 06, 2015
Time: 15:50 - 16:40
Location: Jasmine Ballroom

The number of vulnerabilities in firmware disclosed as affecting Wintel PC vendors has been rising over the past few years. Although several attacks have been presented against Mac firmware, unlike their PC counterparts, all of them required physical presence to perform. Interestingly, when contacted with the details of previously disclosed PC firmware attacks, Apple systematically declared themselves not vulnerable.

This talk will provide conclusive evidence that Mac's are in fact vulnerable to many of the software only firmware attacks that also affect PC systems. In addition, to emphasize the consequences of successful exploitation of these attack vectors, we will demonstrate the power of the dark side by showing what Mac firmware malware is capable of.

Trammel Hudson

I like to take things apart.

Xeno Kovah

Xeno Kovah's speciality area is stealth malware and its ability to hide from security software and force security software to lie. To combat such attacks he researches trusted computing systems that can provide much stronger security guarantees than normal COTS. He co-founded LegbaCore in 2014 to help improve security at the foundation of computing systems. He is also the founder and lead contributor to OpenSecurityTraining.info. He has posted 9 full days of class material material on x86 assembly, architecture, binary formats (PE and ELF), and Windows rootkits to OpenSecurityTraining.info.

Corey Kallenberg

Corey Kallenberg is a co-founder of LegbaCore, a consultancy focused onevaluating and improving host security at the lowest levels. Hisspecialty areas are trusted computing, vulnerability research and lowlevel development. In particular, Corey has spent several years usinghis vulnerability research expertise to evaluate limitations in currenttrusted computing implementations. In addition, he has used hisdevelopment experience to create and improve upon trusted computingapplications. Among these are a timing based attestation agent designedto improve firmware integrity reporting, and an open source TrustedPlatform Module driver for Windows. Corey is also an experiencedtrainer, having created and delivered several technical courses. He isan internationally recognized speaker who has presented at Black Hat USA,DEF CON, CanSecWest, Hack in the Box, NoSuchCon, SyScan, EkoParty and Ruxcon.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats