To use our site, you agree to the use of cookies and data processing according to our privacy statement.

Riscure Blog

On November 8, failOverflow reported finding the PS5 root keys for symmetric encryption. At first glance, this find may seem harmless as it will not directly provide code execution privileges. These keys only serve to keep the firmware confidential. In addition, since this report, the internet remained rather silent on the topic, so this may seem like an innocent isolated incident.

Learn more

Researchers from universities in Singapore, China, and Switzerland have discovered a novel way to compromise the security of SGX, the Trusted Execution Environment provided by Intel. The attack allows a privileged attacker to retrieve secrets processed in a secure enclave, by which the benefit of the enclave is lost.

Learn more

Recently, the new ISO/SAE 21434 security standard was published. The publication of the long-awaited standard marks a major milestone in automotive security.

Learn more

This month we celebrate 20 years of Riscure, and, as it happens, device security evaluation and certification emerged during that period. Whereas regulation is still limited to the most sensitive products, we also see a trend towards more semi-formal and voluntary certification for more products.

Learn more

Electronic devices have a limited lifetime. Not so much because the electronics wear out, but because the technology ages. A typical example is a smartphone. People replace them because they seek the newest features, like communication speed, screen size, biometrics, and energy capacity. Due to the fast technological advancements, smartphones have an average lifespan of only 2.5 years. However, this parameter varies per product. TVs have a life expectancy of 6 years, and cars even survive 12 years.

Learn more

Hardware Fault Injection is increasingly recognized as a dangerous alternative, or prelude, to pure software attacks. While FI attacks are often technically complex and require physical access to a device, they open up a world of attack opportunities leaving almost every line of code vulnerable.

Learn more

On the device side, we can distinguish the 5G communication stack and the non-communication part of the device (including the hardware, OS, and applications).

Learn more

Apple recently introduced the AirTag, a small 30$ device that helps you locate lost or stolen items.

Learn more

Software security is widely considered an increasing concern. Daily reports of data breaches and hacked products feed the perception that everything is broken.

Learn more