•September 15, 2009 •

Ekoparty Security Conference
Well… everybody knows Ekoparty: one of the most important security conferences in South America, and a very important event in the local scene.
Of course, Alfred and I will be talking there. This’ll be a great opportunity for us to show all the PoCs that we left out (coz of the Turbo Talk) at the past Black Hat – Las Vegas.
So, I hope you’ll be there.
If you wanna share a beer (or two) and chat a bit, please drop me a msg.
Posted in Uncategorized
Tags: Absolute, anti theft, BIOS, Computrace, Ekoparty, malware, Rootkit
•September 11, 2009 •

BlackHat 2009 - Vegas
It has been a long time since my last post here… Alfred and I were working very hard on our last research/talk (the continuation of ‘Persistent BIOS Infection’), “Deactivate the rootkit”, where we found that Computrace (an Anti-Theft Technology system) comes by default in most laptop BIOSes and can be controlled by an attacker, compromising the whole system’s security mechanisms.
I’m not going to explain all the research here… a lot has been said about this. We just did a turbo-talk at Black Hat (a very long one, I’m really happy about that) and we didn’t have the time to show all the proofs we gathered, but we did it through Core. Here is all the stuff. Draw Your Own Conclusions
Slides: Black Hat – Las Vegas 2009
White Paper: Black Hat – Las Vegas 2009
Continue reading ‘Deactivate the rootkit – Black Hat Vegas 2009′
Posted in Main()
Tags: Absolute, BIOS, Computrace, Lo-Jack, LoJack, Ortega, Rootkit, Sacco
•June 26, 2009 •

SyScan
Alfred and I will be giving our talk “Persistent BIOS Infection” at SyScan ‘09, Singapore. This time with some added content and, of course, with our multiple cOOl demos, including the one with the dismembered real box (I hope not to have problems when traveling with the hardware).
If someone wants to meet and go out for a beer or something, I’ll be glad. Just drop me a line here or at als.alsx@gmail.com
c ya there!
Posted in Main()
Tags: BIOS, bios rootkit, persistent bios infeccion, singapore, syscan
•June 3, 2009 •

Poor little CUPS… I feel bad for him.
I swear, I wasn’t looking for bugs in it (not for *new* bugs, at least). It just crashed in my face…
At the beginning I didn’t give it much importance, but CUPS is shipped as the default printing service for OS X and almost all Linux distributions. Besides, it’s a pre-auth vulnerability, so… I think it was worth releasing an advisory for it (with the appropriate PoC and technical info, as usual).
So, here you have it. Have phun. :p
Continue reading ‘Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability’
Posted in Advisories
Tags: Apple CUPS, Core Security, exploit, PoC, pre authentication, Vulnerability
•April 22, 2009 •

HotFuzz
Mario Vilas, a very good friend of mine (and coworker), has released a very cool Python module that allows developers to quickly code instrumentation scripts in Python under a Windows environment.
I’ve been following this project very closely, testing some pre-releases, and I must say that I can’t wait to fuzz some stuff with this final version.
Continue reading ‘Python winappdbg 1.0 is Out!’
Posted in Main()
Tags: ctypes, debugger, fuzzing, win32, winappdbg