PSW #758 – Ang Cui

Full Audio

View Show Index

Segments

1. Device Paradox: Why Security & Criticality Don’t Overlap in Embedded Systems – Ang Cui – PSW #758

Announcements

Guest

Ang Cui
Founder and CEO at Red Balloon Security

Dr. Ang Cui founded Red Balloon Security in 2011, when he was a doctoral student and part of Columbia University’s Intrusion Detection Systems Lab. His doctoral dissertation, “Embedded System Security: A Software-based Approach,” focused exclusively on scientific inquiries concerning the exploitation and defense of embedded systems. Ang is the creator of Firmware Reverse Analysis Konsole (FRAK) — the forerunner of OFRAK — and Symbiote technology, a novel, host-based defense that operates on embedded devices on the binary level. The RBS team’s success in developing embedded security solutions that harden and provide continuous runtime protection and monitoring of device firmware led to a significant multi-year engagement with HP, which installed Symbiote defense on its enterprise printers in 2015

Ang and the RBS team have uncovered numerous, critical vulnerabilities within ubiquitous embedded devices such as Cisco routers, HP printers, and Cisco IP phones. He also has led research efforts that uncovered vulnerabilities in aerospace infrastructure, building automation systems, electrical grid devices, telecommunications equipment, and ATMs. Ang has participated in many government-led and funded engagements, particularly with DARPA, that bring end users, device vendors, and security experts together to find vulnerabilities and devise new security solutions to protect embedded devices in mission-critical environments. He was named a DARPA Riser in 2015, and is a distinguished presenter of the annual Pwnie Awards (which he sometimes makes himself).

Hosts

Professor at Roger Williams University
Executive Director at RM-ISAO
Brainstem Hacker and InfoSec Enthusiast at Redacted
Founder at Infosec Decoded, Inc.
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

2. Pig Butchering, Dell Driver FTW, Deep Access, & PHP Supply Chain Attacks – PSW #758

Announcements

Hosts

Executive Director at RM-ISAO
Brainstem Hacker and InfoSec Enthusiast at Redacted
Founder at Infosec Decoded, Inc.
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element