To use our site, you agree to the use of cookies and data processing according to our privacy statement.

Riscure Blog

Electronic devices have a limited lifetime. Not so much because the electronics wear out, but because the technology ages. A typical example is a smartphone. People replace them because they seek the newest features, like communication speed, screen size, biometrics, and energy capacity. Due to the fast technological advancements, smartphones have an average lifespan of only 2.5 years. However, this parameter varies per product. TVs have a life expectancy of 6 years, and cars even survive 12 years.

Learn more

Hardware Fault Injection is increasingly recognized as a dangerous alternative, or prelude, to pure software attacks. While FI attacks are often technically complex and require physical access to a device, they open up a world of attack opportunities leaving almost every line of code vulnerable.

Learn more

On the device side, we can distinguish the 5G communication stack and the non-communication part of the device (including the hardware, OS, and applications).

Learn more

Apple recently introduced the AirTag, a small 30$ device that helps you locate lost or stolen items.

Learn more

CENSUS Labs has recently identified several vulnerabilities in the popular WhatsApp Android application.

Learn more

Our team did a deep dive into TEEGRIS, the newest TEE of Samsung. As a result, we proved that this TEE, introduced in 2019 for the Galaxy S10, can be fully compromised by a determined expert. The research is documented in a series of technical blogs, but here we summarize the results and lessons for the non-technical reader.

Learn more

KU Leuven's security research group COSIC has a strong track record in studying Tesla security and demonstrated attacks on model S in 2018 and 2019. This time, they broke model X and applied some new techniques for that, using 2 design flaws, both exploiting a lack of authentication.

Learn more

Recently, NinjaLab investigated Titan, a two-factor authentication token offered by Google, and broke its secure crypto implementation.

Learn more

At the end of last year, ForeScout analyzed seven open-source software libraries and found a set of 33 vulnerabilities in four of them (uip, picoTCP, FNET, Nut/Net). Three of these vulnerabilities are critical and can lead to remote code execution.

Learn more