Blog

Demystifying Secure Development for Devices & Apps

Demystifying Secure Development for Devices & Apps

Riscure worked together with Trustonic to accumulate the essential knowledge about secure development of mobile applications.
Security Pitfalls in TEE Development

Security Pitfalls in TEE Development

This paper describes an outlook of the most important future TEE security topics.
Attacking AUTOSAR using Software and Hardware Attacks

Attacking AUTOSAR using Software and Hardware Attacks

This paper describes several scenarios how software and hardware attacks can compromise the security of AUTOSAR-based automotive ECUs.
Hardening Secure Boot On Embedded Devices for Hostile Environments

Hardening Secure Boot On Embedded Devices for Hostile Environments

We present an approach for secure boot design, which can be used as a starting point for a complete hardened secure boot solution.
PEW PEW PEW: Designing Secure Boot Securely

PEW PEW PEW: Designing Secure Boot Securely

We present our vision on secure boot design for embedded devices by means of clear, concrete, practical and easy-to-follow recommendations.
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses

Secure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses

This talk presents a fault simulator created using existing open-source components and without requiring a detailed model of the underlying hardware.
Security implications of accepting transactions on smartphones

Security implications of accepting transactions on smartphones

One of the most exciting innovations in the payment chain for retailers today is the potential of utilizing commercial-of-the-shelf (COTS) smartphones for Point-of-Sale terminals, also known as ...
Extracting and Analyzing Automotive Firmware Efficiently

Extracting and Analyzing Automotive Firmware Efficiently

In this paper we discuss hardware attacks, like fault injection, which can be used to efficiently extract automotive firmware from secured ECUs.
Side-channel based intrusion detection for industrial control systems

Side-channel based intrusion detection for industrial control systems

Research paper written by Pol Van Aubel and Kostas Papagiannopoulos from Radboud University, Digital Security Group; Lukasz Chmielewski from Riscure; Christian Doerr from Delft University of ...
Security Highlight: Unveiling EM Eye – a new vulnerability in embedded cameras

Security Highlight: Unveiling EM Eye – a new vulnerability in embedded cameras

This security highlight discusses the recent EM Eye vulnerability discovery, its practical implications, challenges, and potential countermeasures.
Security Takes the Front Seat in Automotive

Security Takes the Front Seat in Automotive

Modern cars are becoming more reliant on complex computer systems, leading to shifts in business models and product lifecycles in the automotive industry.
How to Tame a Light Switch

How to Tame a Light Switch

In a recent publication, Riscure illustrated the analysis and testing of a commercially available smart light switch. By understanding the methods used to exploit these devices, we can take ...
The Power of Collaboration – Examining the Latest Hardware CWE Updates

The Power of Collaboration – Examining the Latest Hardware CWE Updates

In this podcast, members from the Special Interest Group (SIG) of CWE, representing Intel, MITRE, AMD, Cycuity, and Riscure, delve into the importance of the new CWEs and explore the ...
The Impact of Rust on Security Development

The Impact of Rust on Security Development

On February 26th, the White House Office of the National Cyber Director (ONCD) released a report endorsing memory-safety for future software development. In this blogpost, we’ll talk about the ...
Security Highlight: Post-Quantum Cryptography on Embedded: challenges and opportunities

Security Highlight: Post-Quantum Cryptography on Embedded: challenges and opportunities

We are moving to an era where quantum computing threatens the confidentiality of current cryptographic protocols, specifically around "harvest now, decrypt later" attacks: the ability to store ...
My internship at Riscure: Maggie Mackenzie

My internship at Riscure: Maggie Mackenzie

In this blog post, Security Analyst Maggie Mackenzie shares her internship and career journey at Riscure.
From Card Skimming to Card Shimming: Legacy remains at risk

From Card Skimming to Card Shimming: Legacy remains at risk

Card skimming is an attack aimed to capture sensitive data on payment cards. Read about the current trends and developments in card skimming.
Understanding RFID Technology and Its Security Implications

Understanding RFID Technology and Its Security Implications

In this article, our team delves into the intricacies of RFID technology, highlighting its various applications while uncovering potential security implications that may be present within these ...