Alex Matrosov
Alex Matrosov is CEO and Founder of Binarly Inc. where he builds an AI-powered platform to protect devices against emerging firmware threats. Alex has more than two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. He served as Chief Offensive Security Researcher at Nvidia and Intel Security Center of Excellence (SeCoE). Alex is the author of numerous research papers and the bestselling award-winning book Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats. He is a frequently invited speaker at security conferences, such as REcon, Black Hat, Offensivecon, WOOT, DEF CON, and many others. Additionally, he was awarded multiple times by Hex-Rays for his open-source contributions to the research community.
FirmwareBleed: The industry failures to adopt SMM mitigations introduced years ago
In the industry, speculative execution mitigations have been discussed for some time, but most people focus on the operating system level in order to adopt them in software stacks. What is happening at firmware level? When it comes to applying mitigations, how does the industry take advantage of them, and who controls their adoption in the firmware? Those are all good questions, but unfortunately no positive news can be shared. SMM attack vectors will be discussed in this talk from the perspective of attacking the operating system or hypervisor from the firmware. The nature of these attacks breaks the foundation of confidential computing and often creates problems for the entire industry. This talk will focus on practical examples of such attacks and how they are dangerous.