Reverse Engineering BMCs and Other Firmware – Vladyslav Babkin – BTS #15
Vlad is part of the Eclypsium research team and has discovered several flaws in BMC ecosystems. He comes on the show to talk about his journey and cover the details behind BMC vulnerabilities and attacks.
Segment Resources: https://forum.defcon.org/node/245714 https://eclypsium.com/research/bmcc-lights-out-forever/ https://eclypsium.com/blog/supply-chain-vulnerabilities-put-server-ecosystem-at-risk/
Announcements
Below the surface listeners can learn more about Eclypsium by visiting eclypsium.com/go - there you will find the “Ultimate guide to supply chain security”, an on-demand webinar I presented called “Unraveling Digital Supply Chain Threats and Risk”, a paper on the relationship between ransomware and the supply chain, and a customer case study with Digital Ocean. If you are interested in seeing our product in action you can also sign up for a demo, you can get all that at eclypsium.com/go!
Guest
Vlad is currently a Security Researcher at Eclypsium with over 10 years of experience in networking, security, firmware research and software engineering. He is a long-time member of dcua CTF team and is passionate about breaking software and firmware to make the world a safer place.