Black Hat USA offers help to stay on top of the latest threats against hardware, firmware, and embedded devices.
Physical security is an oft-overlooked pillar of good cybersecurity, which means serious professionals need to stay on top of the latest threats against hardware, firmware, and embedded devices.
That's why the physical security of devices both mundane and exotic has long been a core focus of Black Hat events, and that remains true for next month's virtual Black Hat USA.
This globally accessible online event will offer a bumper crop of relevant learning opportunities as part of the Hardware/Embedded track of Briefings available to Black Hat USA attendees. Security Research on Mercedes-Benz: From Hardware to Car Control, for example, will teach you the fundamentals of how to perform security research on modern connected cars.
You'll learn how to build a low-cost testbench with relevant intelligent components and how to design an attack chain from the outside to the inside of the vehicle based on this testbench, with a demonstration of how to perform the attack chain in a genuine car. Expect lots of practical examples from the researchers' work exploiting vulnerabilities in a Mercedes-Benz E-Class to do things like remotely unlock the doors or start the engine.
For more in-depth learning, consider a Black Hat USA Hardware Training like Physical Penetration & Electronic Access Control Hacking. This 4-Day Training will equip you with a full awareness of how to best protect buildings and grounds from unauthorized access, as well as how to compromise most existing physical security in order to gain access yourself
Both mechanical lock systems as well as electronic access controls will be covered in depth, and students will be provided all the tools as well as the knowledge needed to bypass them! This training is ideal for any individual tasked with making physical security decisions for existing or new facilities, but all are welcome to come and learn.
If you need new tools, check out the Hardware/Embedded section of the Arsenal and attend a live demo of some new tech. AutoGadgetFS: USB testing made easy is an open-source framework (written in Python3) that allows users to assess USB devices and their associated hosts/drivers/software without an in-depth knowledge of the USB protocol. AutoGadgetFS allows you to clone and emulate devices quickly, or create your own fuzzers on top of it, and you'l' have a chance to learn more at Black Hat USA next month!
Register now for this year's fully virtual Black Hat USA, still scheduled to take place August 1st through 6th, and get more information about the event on the Black Hat website.