Next week is Hardwear.io – a world-renowned hardware security conference and training platform will be taking place September 27 through September 30 2020. Given the threats against hardware, particularly IoT devices, this conference is designed to help InfoSec pros and ethical hackers to learn the latest in protecting hardware and firmware against a barrage of attacks and vulnerabilities. After all, 98% of all IoT device traffic is unencrypted, exposing personal and confidential data and 57% of IoT devices are vulnerable to medium- or high-severity attacks, making IoT the low-hanging fruit for attackers.
- The discussions focus on all aspects of hardware and firmware including the IoT product eco-system comprising of hardware device(s), firmware, network, communication protocols, web, mobile, cloud applications and more.
- For instance, IoT vendors will learn how that no matter how secure their web/mobile application is from a software POV, any hardware/embedded security issue can compromise the entire product ecosystem.
This normally takes place in the Hague but this year the conference is digital.
What participants can gain from attending these talks:
- Participants will learn how to protect their products from being manipulated/ hacked from an external source and learn all the countermeasures that they can implement to make their product more secure.
- Become aware of the new tools/research to offer new ideas to help them with their own research
Selected speaker highlights:
- John McMasters: Taming Hydrofluoric Acid to Extract Firmware.
- John is a hardware reverse engineer with a decade of embedded security expertise.
- Daniel Moghimi: JackHammer: Rowhammer and Cache Attacks on Heterogeneous FPGA-CPU Platforms
- Daniel’s research interests are in the area of computer security with special focus on side channels and microarchitectural attacks.
Training sessions include the following:
– Advanced Microcontrollers Firmware Exploitation
– BootPwn: Breaking Secure Boot by Experience
– Connected Car Hacking
– RF Hacking with Software-Defined Radio
– Machine Learning and SCA: Advanced Tutorial
– Embedded Physical Attacks 101
– TEEPwn: Breaking TEEs by Experience
– Hunting UEFI Firmware Implants