Luigi Fragale Relatore

I am 27 years old; I was born in Calabria, and I have been involved in software, computers, and electronic stuff since I was 15 years old. I love playing basketball and tennis, but I’m also into beer and music. I got a master’s degree in computer engineering from the University of Calabria in 2019. I have two years of work experience in the cyber security field, as I work as a Cyber Security consultant for Communication Valley Reply in the Red Team. My current daily activities are Web Application Penetration Testing, Network Infrastructure Penetration Testing and IoT device Penetration Testing. I really like to understand how things work at a low level, especially IOT device and software.
  • Bitlocker and Trusted Platform Module Hardware security is going more and more deeper. Hardware as root of trust is the heart of every secure operation. There are several devices and integrated components, made for security reasons, and among these we find the Trusted Platform Module. Unfortunately, using secure hardware by itself is not enough. The manufacturers must use these components appropriately by designing security measurements into each step of the firmware execution. In this presentation we would like to highlight the security weaknesses of the Bitlocker and Trusted Platform Module, focusing on how they can be exploited to gain access to personal data and the operating system. These weaknesses could on the one hand lead a malicious user to access sensitive information and on other could help the Red Teaming assessment or Digital Forensics analysis. Finally will be present a tool made by our team to exploit these security flaws. - 11:30/12:15, 06 Nov 2021