Senior Consultant Matthew Lewis will be delivering his presentation "The importance of being biometrically earnest" at Biometrics 2008.

The presentation aims to highlight the importance of applying security controls and procedures to biometric devices and systems. The possibilities for misusing and abusing biometric-related data will be demonstrated through results from research conducted at IRM involving the interception and manipulation of biometric data.

This presentation will also cover mitigation strategies for the risks associated with exposed biometric data, including both technical and procedural remedial action that can go a long way in deriving a secure biometric solution.

Senior Consultants Gyan Chawdhary and Varun Uppal will be presenting their research on Cisco IOS Shellcode in Black Hat Las Vegas, August 6 2008.

The presentation covers significant advances in IOS shell code development and looks at its subsequent impact on modern day routing infrastructure. IOS specific payloads including bind shell, reverse shell, 2 byte shell codes and bypassing the check heaps process in IOS 12.4 are covered from both a practical and theoretical standpoint as well as a detailed overview of IRM's techniques used to develop these payloads.

Furthermore, building a complete IOS debugging environment and identifying new attack vectors is also covered in the presentation, allowing researchers to establish a fully working environment to develop IOS specific code, execution payloads, memory resident backdoors and to conduct vulnerability research on Cisco embedded devices.

Senior Consultant Matthew Lewis presented his research on biometric systems, specifically his work on a 'Biologger' or biometric keylogger that could be used to attack a biometric system by capturing and replaying biometric and control data of a networked biometric solution.