top of page
Imperium Securiy Logo

2 VOLLTAGE ONLINE-TRAINING

20-21 / 4/2020

Practical Embedded Security Hands On Course

Angriffs- und Verteidigungstechniken

Sichere Entwicklungsmaßnahmen

Praktische Erfahrung

CyberWeek2019_2_edited_edited.jpg

Meet Lior Yaari

Sicherheitsforscher und Berater mit Schwerpunkt auf der Sicherheit von Embedded Devices

Lior started his Security career at the military cyber corps, where he served as an officer for 6 years.

He specialized in automotive ECU hacking, working as a vulnerability researcher for Cymotive Technologies and VW Group.

​

Lior is an international speaker and trainer for embedded security and secure development. His training was selected for international conferences such as: Hack In The Box (Amsterdam, Singapore), DeepSec (Vienna), x33fcon (Gdynia) and DakotaCon (Madison SD).

You Will Learn How To

01

Understand Famous IoT Attacks and
Vulnerability Types 

02

Protect from Memory Corruption Vulnerabilities

03

Avoid Mistakes in Cryptographic Security Mechanisms

04

Prepare for 
Embedded Devices Attacks

Full Agenda

Day 1

Day 2

20/04 - 9:30 - 17:30 *(CET)

21/04 - 9:30 - 16:30 *(CET)

Introduction to Embedded Security:

  • Famous IoT attacks

  • Vulnerabilities types and classification

​​

Memory Corruption Vulnerabilities:

  • Complied programs memory layout

    • Stack​

    • Heap

    • Globals

  • Buffer Overflows + Lab

    • Stack Overflows​

    • Heap Overflows

  • Protection Mechanisms + Lab​

    • DEP

    • ASLR

    • Stack Canary

​​​

Advanced Vulnerabilities:​​

  • Format String Attacks + Lab

  • Integer Overflows + Lab

  • Command Injections + Lab

  • Daily Summary

Cryptographic Security Mechanisms and Their Risks:

  • Hashes + Lab

  • Encryption + Lab

  • Signatures

  • Certificates

  • Password Breaking Lab

​​

Embedded Devices Attacks:

  • TOCTOU Attacks + Lab

  • SPI Intrusion + Lab​​

  • Memory Swaps + Lab

  • Glitching 

​​

Final Exercise – Hacking a Secure Boot System​

  • Detecting & Fixing Buffer Overflows

  • Identifying Architecture Issues 

​

 

Embedded Security Specialist Certificate

will be given upon completion of lab exercises

What People Say

I know more than i thought i did! - interesting aspects for the physical and lower level weaknesses. Excellent workshop.
- David S.
Embedded Software Developer at a Medical Devices Company

DeepSec 2019

Featured on

HITB-Security-Conference-1-300x300_edite
1_vG5uPKC1QCb3gor8jf1ydA.png
D21KA1dWkAAQgMN_edited.jpg
154d-300x225.jpg

Schiffgraben 24, 30175

Hannover, Germany

Tel: +49 176 439 17074     |     info@zyberum.com

  • LinkedIn
  • White Facebook Icon
  • White Twitter Icon

Seats are limited!

​

Please sign up early to ensure your ticket. 

bottom of page