Bypassing Secure Boot Using Fault Injection
This research is also available in a form of slides and video from the BlackHat Europe 2016.
Blog
Extracting and Analyzing Automotive Firmware Efficiently
In this paper we discuss hardware attacks, like fault injection, which can be used to efficiently extract automotive firmware from secured ECUs.
Side-channel based intrusion detection for industrial control systems
Research paper written by Pol Van Aubel and Kostas Papagiannopoulos from Radboud University, Digital Security Group; Lukasz Chmielewski from Riscure; Christian Doerr from Delft University of ...
Analyzing the security of Cloud-Based Payment apps on Android
Riscure’s researchers analyzed more than 426 Android payment applications, downloaded directly from the Google App Store.
Deep Learning for Side Channel Analysis: Tuning your network efficiently
A video presentation by Guilherme Perin, from the Riscure User Workshop
13 steps to improve security and privacy when developing a smart lock
Our findings show that smart locks can introduce new security risks. We provide 13 recommendations for smart lock developers in this whitepaper.
Premium Content Delivery on Android: how to guard an open platform
Defending an Android implementation of a secure media path also requires a unique set of methods. This whitepaper provides a high-level overview of Android security risks for the content ...
Lowering the bar: deep learning for side-channel analysis
We show we can break a lightly protected AES, an AES implementation with masking countermeasures and a protected ECC implementation using Deep Learning.
Efficient Reverse Engineering of Automotive Firmware
In this paper we evaluate the efficiency of reverse engineering the firmware of an automotive embedded controller unit.
My journey at Riscure: Anna Kolesnichenko
What is the role of the Operations Manager?
I’m responsible for the well-being of the certification team, starting from ensuring the fulfillment of customer requests on ...
Security Highlight: Honda Rolling-PWN attack
The attack known as Rolling-PWN (CVE-2021-46145) [1] is the latest of a recent series of security issues affecting the car’s immobilizers and RKEs (Remote Keyless Entry, also known as the keyfob ...
My journey at Riscure: Nikola Medic
Nikola Medic, Director of Sales Certification at Riscure, has been helping customers find the best way to meet their product deployment objectives for more than 5 ...
Security Highlight: Hertzbleed – prime time for power side channel countermeasures or novelty attack?
Hertzbleed is a new side-channel attack that turns a power side channel into a timing side channel. That timing side channel may be exploitable even if the algorithm runs in a constant number of ...
My journey at Riscure: Hanna Humenyuk
Hanna Humenyuk is an International Sales and Business Development Manager specializing in Mobile Payment Security at Riscure. Before joining Riscure, Hanna worked in FinTech for over 10 years. ...
DRM security trends and future
The security measures implemented on the device determine the overall system level of protection as required by the license.
Security Highlight: Evil Never Sleeps
Recently, Apple introduced a useful but potentially dangerous feature to its iPhones. Most of us would assume that a phone becomes inactive when switched off by the user or, due to low power. ...
My journey at Riscure: Siebe Krijgsman
Siebe Krijgsman, Principal Engineer at Riscure, compares fundamental security topics to old action movies. He discusses the differences between various Riscure tools and the challenges of ...
My journey at Riscure: Praveen Vadnala
Praveen Vadnala, a principal security analyst, encourages companies to consider the security of their devices during all stages of the development lifecycle, and the earlier, the better.