PSW #758 – Ang Cui
Segments
1. Device Paradox: Why Security & Criticality Don’t Overlap in Embedded Systems – Ang Cui – PSW #758
Red Balloon Security CEO Ang Cui has spent over a decade looking into the most critical devices supporting our infrastructure. He explains why the insight that launched his company still holds true, and what it will take for security experts, manufacturers and end users to resolve our insecure stasis.
Segment Resources:
https://redballoonsecurity.com/
https://github.com/redballoonsecurity/ofrak
https://redballoonsecurity.com/def-con-30-badge-fun-with-ofrak/
https://www.wired.com/story/ofrak-iot-reverse-engineering-tool/
Guest
Dr. Ang Cui founded Red Balloon Security in 2011, when he was a doctoral student and part of Columbia University’s Intrusion Detection Systems Lab. His doctoral dissertation, “Embedded System Security: A Software-based Approach,” focused exclusively on scientific inquiries concerning the exploitation and defense of embedded systems. Ang is the creator of Firmware Reverse Analysis Konsole (FRAK) — the forerunner of OFRAK — and Symbiote technology, a novel, host-based defense that operates on embedded devices on the binary level. The RBS team’s success in developing embedded security solutions that harden and provide continuous runtime protection and monitoring of device firmware led to a significant multi-year engagement with HP, which installed Symbiote defense on its enterprise printers in 2015.
Ang and the RBS team have uncovered numerous, critical vulnerabilities within ubiquitous embedded devices such as Cisco routers, HP printers, and Cisco IP phones. He also has led research efforts that uncovered vulnerabilities in aerospace infrastructure, building automation systems, electrical grid devices, telecommunications equipment, and ATMs. Ang has participated in many government-led and funded engagements, particularly with DARPA, that bring end users, device vendors, and security experts together to find vulnerabilities and devise new security solutions to protect embedded devices in mission-critical environments. He was named a DARPA Riser in 2015, and is a distinguished presenter of the annual Pwnie Awards (which he sometimes makes himself).
2. Pig Butchering, Dell Driver FTW, Deep Access, & PHP Supply Chain Attacks – PSW #758
In the Security News: deep access, Dell drivers for the win, detecting deep fakes with acoustic tracking, exchanging 0days, I got 99 embedded firmware security problems, executing in SMM, secure boot to the rescue, automation or a crappy pen test, PHP supply chain attacks, pig butchering, fake profiles, & bribing journalists!
- 1. Tech Journalists Offered Bribes to Write Articles for Major Outlets: From Dan Goodin at Ars Technica. Bribes are $2k - $5k, delivered secretly. The marketer claims to have 10-40 writers taking bribes now, publishing on Techcrunch, Forbes and others.
- 2. Uncle Sam orders federal agencies to step up scans for govt IT security holes: CISA has ordered federal civilian agencies to scan for and report software vulnerabilities in their IT systems more frequently. They must scan their entire IPv4 space for vulnerabilities every 14 days and update vulnerability detection signatures within 24 hours of availability. This must be working by April 3, 2023.
- 3. Never-before-seen malware has infected hundreds of Linux and Windows devices: Small office routers? FreeBSD machines? Enterprise servers? Chaos infects them all.