Firmware Vulnerabilities in Critical Infrastructure - Tools and Techniques for Security Analysis

Explore the hidden vulnerabilities in critical infrastructure firmware through this comprehensive conference talk. Dive into the world of open-source tools and techniques used for deep security analysis of device firmware. Learn how to uncover vulnerabilities in connected enterprise systems, transit system hardware, network infrastructure, and physical security controls. Discover practical examples of leveraging open-source tools and AI systems like ChatGPT to simplify research and reverse engineering processes. Gain insights into identifying supply chain risks and understanding how vendors silently patch vulnerabilities. Compare the effectiveness of free or low-cost solutions to expensive commercial alternatives. Examine real-world examples of vulnerabilities, misconfigurations, and poor security controls across various enterprise systems. Leave with a deeper understanding of hidden risks in your environment, the importance of identifying them, and the tools, techniques, and procedures necessary for effective firmware security analysis.

12 - BruCON 0x0F - Firmware vulnerabilities in critical infrastructure - Nate Warfield