Loading…

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Track2 [clear filter]
Wednesday, April 28
 

3:00pm EDT

Educated Guesses with Symbolic Execution: Using Constraint Solvers for Speculative Execution in Modern Firmware
Symbolic Execution is a useful way to perform static and dynamic analysis but is underutilized by security professionals. I hope to expose more people to this awesome tool and demonstrate its utility in finding bugs and "rehosting" firmware.
Speakers
avatar for Chris Craig

Chris Craig

Cyber Security Software Engineer, ORNL
Christopher Craig is a Cyber Security Software Engineer in the Vulnerability Research Group at Oak Ridge National Laboratory. He received a B.S. and M.S. in Computer Science from the University of Tennessee in 2011 and 2018 respectively and has 9 years of experience in the field of... Read More →

SymbolicExecution pdf
Wednesday April 28, 2021 3:00pm - 3:55pm EDT
Virtual
  Track2, Intermediate

4:00pm EDT

Hacking K-12 School Software in a Time of Remote Learning
This talk will take an in-depth look at the zero-day vulnerabilities discovered in a K-12 classroom management solution used in over 9,000 school districts. The focus will be on how four vulnerabilities combined lead to a wormable unauthenticated remote code execution resulting in System privileges.
Speakers
avatar for Sam Quinn

Sam Quinn

Security Researcher, McAfee
Sam Quinn is a Security Researcher on McAfee's Advanced Threat Research team, focused on finding new vulnerabilities in both software and hardware. Sam has a focus on IOT and embedded devices with knowledge in the fields of reverse engineering and penetration testing.

Hacking k 12 school software Sam Quinn pdf
Wednesday April 28, 2021 4:00pm - 4:55pm EDT
Virtual
  Track2, Intermediate
 

Twitter Feed