Riscure Blog

Our team did a deep dive into TEEGRIS, the newest TEE of Samsung. As a result, we proved that this TEE, introduced in 2019 for the Galaxy S10, can be fully compromised by a determined expert. The research is documented in a series of technical blogs, but here we summarize the results and lessons for the non-technical reader.

In this blog post, Riscure’s security analyst Naasa Fikri and senior trainer/senior security analyst Yashin Mehaboobe illustrate a common approach for a light security assessment of smart home devices with D-Link DIR 2680 router as a target.

Riscure conducted research that proved that a specific failure analysis method, Thermal Laser Stimulation, can be effective to recover key material.

In our previous two blog posts, we first introduced Samsung’s TEE OS TEEGRIS and then showed how to exploit a Trusted Application (TA) and gain runtime control.

In this second blog post, we will continue to explore TEEGRIS by reverse engineering TAs in order to identify and exploit vulnerabilities.

KU Leuven's security research group COSIC has a strong track record in studying Tesla security and demonstrated attacks on model S in 2018 and 2019. This time, they broke model X and applied some new techniques for that, using 2 design flaws, both exploiting a lack of authentication.

You know your team needs to learn new skills. But are they actually going to be able to put new knowledge into practice? Will this investment pay off? And how does this work in a remote-first world?

The goal of our investigation was to assess how strong Samsung’s TEE security OS is and whether it can be compromised to obtain runtime control and extract all protected assets, allowing, e.g. decryption of user data and possible payment frauds.

Recently, NinjaLab investigated Titan, a two-factor authentication token offered by Google, and broke its secure crypto implementation.