BTS #56 - Vulnerabilities & Backdoors In IT Infrastructure

Update: 2025-08-08

Description

In this episode, the hosts discuss various cybersecurity topics, focusing on Nvidia vulnerabilities, the implications of backdoors in technology, and the importance of secure boot and certificate management. They also delve into SonicWall's security challenges and the ongoing debate of building versus buying security solutions, particularly in the context of AI infrastructure and cloud services.

Articles and topics for this week:

https://blog.trailofbits.com/2025/08/04/uncovering-memory-corruption-in-nvidia-triton-as-a-new-hire/
https://mjg59.dreamwidth.org/72892.html - Secure Boot and certificates
https://www.tomshardware.com/pc-components/gpus/nvidia-defiant-over-backdoors-and-kill-switches-in-gpus-as-u-s-mulls-tracking-requirements-calls-them-permanent-flaws-that-are-a-gift-to-hackers -
https://www.bleepingcomputer.com/news/security/sonicwall-urges-admins-to-disable-sslvpn-amid-rising-attacks/ -
https://www.darkreading.com/endpoint-security/shade-bios-technique-beats-security -
1. Researcher's previous paper on SMM and malware: https://arxiv.org/abs/2405.04355
2. He presented at Blackhat last year on Option ROMS: https://www.blackhat.com/us-24/briefings/schedule/index.html#youve-already-been-hacked-what-if-there-is-a-backdoor-in-your-uefi-orom-39579 - YouTube video: https://www.youtube.com/watch?v=_S6EymfaBqQ

Comments

In Channel

F5 Breach, Linux Malware, and Hacking Banks - BTS #63

2025-10-3001:00:06

Unpacking the F5 Breach, Framework UEFI Shells - BTS #62

2025-10-2153:20

Red November, Cisco Vulnerabilities, and Supply Chain Security - BTS #61

2025-10-0801:02:17

HybridPetya and UEFI Threats - BTS #60

2025-09-2201:04:06

Exploit Marketplaces - BTS #59

2025-09-1059:09

UEFI Vulnerabilities and Hardware Risks - BTS #58

2025-09-0401:01:20

Interview with Brian Mullen from AMI - BTS #57

2025-08-1553:29

BTS #56 - Vulnerabilities & Backdoors In IT Infrastructure

2025-08-0801:06:11

Netgear, Gigabyte, and Rowhammer Vulnerabilities - BTS #55

2025-07-2446:52

CVE-2024-54085: The First of Its Kind - BTS #54

2025-07-0856:17

Exploring the Evolution of Zero Trust - BTS #53

2025-07-0751:14

Securing the Future of AI Infrastructure - BTS #52

2025-07-0101:00:44

When Windows 10 Expires - BTS #51

2025-05-3054:20

SBOMs, HBOMs, and Supply Chain Visibility - BTS #50

2025-05-1545:01

The Hidden Risks of Open Source Components - BTS #49

2025-05-0652:52

Hardware Hacking Tips & Tricks - BTS #48

2025-04-0754:24

BMC&C Part 3 - BTS #47

2025-03-1949:24

Black Basta - Threat Intelligence Insights - BTS #46

2025-03-0551:33

Understanding Firmware Vulnerabilities in Network Appliances - BTS #45

2025-02-0659:35

Network Appliances: A Growing Concern - BTS #44

2025-01-2747:24

00:00

BTS #56 - Vulnerabilities & Backdoors In IT Infrastructure

#box-pro-ellipsis-176304662239511{-webkit-line-clamp:2;}BTS #56 - Vulnerabilities & Backdoors In IT Infrastructure

BTS #56 - Vulnerabilities & Backdoors In IT Infrastructure

Paul Asadoorian

BTS #56 - Vulnerabilities & Backdoors In IT Infrastructure