BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: Power Corrupts\; Corrupt It Back! Hacking Power Mana gement in\n Data Centers\n When: Saturday\, Aug 12\, 14:00 - 14:45 PDT \n Where: Caesars Forum - Academy - 407-410 - Track 4 - [1]Map\n Speak ers:Jesse Chick\,Sam Quinn\n\n SpeakerBio:Jesse Chick \, Security Resear cher at Trellix Advanced\n Research Center\n Jesse Chick is a Security Researcher with the Advanced Research\n Center's vulnerability team. Je sse focusses on vulnerability discovery\n and exploit development for al l things connected to the internet and\n is credited with numerous CVEs affecting popular embedded devices. He\n is passionate about reverse eng ineering\, full system emulation\, and\n educating others in offensive s ecurity techniques.\n Twitter: [2]@ravenousbytes\n\n SpeakerBio:Sam Qu inn \, Sr. Security Researcher at Trellix Advanced\n Research Center\n Sam Quinn is a Senior Security Researcher on the Advanced Research\n Ce nter Vulnerability team\, focused on finding new vulnerabilities in\n bo th software and hardware. Sam has a focus on embedded devices with\n kno wledge in the fields of reverse engineering and exploitation. He\n has h ad numerous vulnerability findings\, published CVEs in IOT and\n enterpr ise software\, and has spoken at multiple industry conferences\n such as Def Con\, BlackHat\, North Sec\, and Hardwear.io.\n Twitter: [3]@eAyeP\ n\n Description:\n Our current administration lists "Defend Critical I nfrastructure" as\n the #1 item in the 2023 National Cybersecurity Strat egy. At the\n intersection of governmental and corporate concerns is dat a center\n security\, a trend that is bound to continue as more and more \n operations move to the cloud. This talk details our findings in the\n domain of power management\, the first category in a broader effort to\ n investigate the security of critical data center components. We will\n reveal nine vulnerabilities in two integral data center appliances: a\n Power Distribution Unit (PDU) and a Data Center Infrastructure\n Mana gement (DCIM) system. Continuing\, we will delve into the technical\n de tails of the most impactful vulnerabilities and highlight the\n potentia l impact on their respective operations. The talk will\n challenge the m isconception that data centers are inherently more\n secure than on-prem by exposing how attackers could leverage these\n vulnerabilities. This presentation will be valuable to data center\n professionals\, security researchers\, and anyone interested in\n understanding the characteristi c vulnerabilities associated with\n modern data centers.\n\n REFERENCE S:\n Contributing Researcher - Philippe Laulheret Claroty Research - [4] https://claroty.com/team82/research/jumping-nat-to-shut-down-electric-devi ces\n National Cybersecurity Strategy - [5]https://www.whitehouse.gov/br iefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-adminis tration-announces-national-cybersecurity-strategy/\n\n '\n\n 1. #Caesa rsAcademyBR\n 2. https://twitter.com/ravenousbytes\n 3. https://twitte r.com/eAyeP\n 4. https://claroty.com/team82/research/jumping-nat-to-shut -down-electric-devices\n 5. https://www.whitehouse.gov/briefing-room/sta tements-releases/2023/03/02/fact-sheet-biden-harris-administration-announc es-national-cybersecurity-strategy/\n\n\n DTEND:20230812T214500Z DTSTART:20230812T210000Z LOCATION:DC - Caesars Forum - Academy - 407-410 - Track 4 SUMMARY:Power Corrupts\; Corrupt It Back! Hacking Power Management in Data Centers END:VEVENT END:VCALENDAR