Blog

Automotive Security Checklist

Automotive Security Checklist

We curated a list of the most essential security considerations that we recommend when beginning to incorporate security into your automotive components. 
Securing Embedded Devices: 9 Considerations for Success

Securing Embedded Devices: 9 Considerations for Success

We curated a list of the most essential security considerations that we recommend when beginning to incorporate security into your embedded devices. 
Exploring genomic sequence alignment for improving side-channel analysis

Exploring genomic sequence alignment for improving side-channel analysis

Abstract: Side-channel analysis (SCA) extracts sensitive information from a device by analyzing information that is leaked through side channels. These measurements are correlated with specific ...
Forgotten Essence Of The Backend Penetration Testing

Forgotten Essence Of The Backend Penetration Testing

At Riscure we have observed many severe security issues exploited by hackers even in previously certified solutions. In recent years, certification, which aims to minimize security risks, has ...
Whip the Whisperer: Blackhat 2022

Whip the Whisperer: Blackhat 2022

Cryptographic side channels are well-known and understood in the industry. There are also many countermeasures against side channels to reduce the leakage risk. However, many implementations in ...
Five things you should know to avoid the most common security errors

Five things you should know to avoid the most common security errors

For more than 20 years Riscure has been helping chip and device vendors to improve the security of their products. We have observed the ever-changing security landscape, adjusted to the evolving ...
3 Reasons Why Your Payment App Needs To Get EMVCo Certified

3 Reasons Why Your Payment App Needs To Get EMVCo Certified

Riscure worked together with Promon to define why mobile app providers should consider getting EMVCo Software-Based Mobile Payment (SBMP) certification.
Security certification considerations when choosing a secure product

Security certification considerations when choosing a secure product

Understanding Common Criteria and Evaluation Assurance Levels, and putting these into context when choosing secure products and services.
The Price We Pay for Fault Injection

The Price We Pay for Fault Injection

This new paper describes the background and risks of Fault Injection.
DURIP Unlocks Research Opportunities for Universities with CHIPS Act Funding

DURIP Unlocks Research Opportunities for Universities with CHIPS Act Funding

DURIP Unlocks Research Opportunities for Universities with CHIPS Act Funding
My internship at Riscure: Shivam Kapoor

My internship at Riscure: Shivam Kapoor

In this blog post, Security Analyst Shivam Kapoor shares his internship and career journey at Riscure.
Security Highlight: CPU Fuzzing

Security Highlight: CPU Fuzzing

We look at the recent publication in the growing field of pre-silicon security analysis, particularly in CPU fuzzing.
My internship at Riscure: Utsav Dayal

My internship at Riscure: Utsav Dayal

In this blog post, Security Analyst Utsav Dayal shares his internship experience at Riscure and discusses the research he worked on.
Flipper Zero – The Controversial Pentesting Tool That Went Viral

Flipper Zero – The Controversial Pentesting Tool That Went Viral

Flipper Zero - a pocket-sized hacking tool - is stirring debates in the device security community.
Security Highlight: You may be leaking secrets if you don’t keep your pace

Security Highlight: You may be leaking secrets if you don’t keep your pace

At the recent CHES conference in Prague a team from Karlsruhe Institute of Technology reported a new side channel and a successful attack.
Security Highlight: The Impact of Zenbleed

Security Highlight: The Impact of Zenbleed

In this blog post we discuss the recent hardware vulnerability in AMD Zen 2 processors.
Security Highlight: Stretching local attacks too far

Security Highlight: Stretching local attacks too far

We take a closer look at the recent research that attempted to convert one side channel to another.
Type-Aware Fuzzing with Security Benchmarks

Type-Aware Fuzzing with Security Benchmarks

In this blog post, we discuss the problem of harnessing C code for fuzzing.