Blog

How multi-fault injection breaks the security of smart cards

How multi-fault injection breaks the security of smart cards

05 Mar, 10 | Technical
How multi-fault injection breaks the security of smart cards from Riscure
Read More
Why are we still vulnerable to Side Channel Attacks?

Why are we still vulnerable to Side Channel Attacks?

11 Feb, 10 | Technical
Why are we still vulnerable to Side Channel Attacks? from Riscure
Read More
How to secure electronic passports

How to secure electronic passports

02 Jul, 07 | Technical
How to secure electronic passports from Riscure
Read More
Java Card Security

Java Card Security

24 Feb, 04 | Technical
Java Card Security from Riscure
Read More
Security Highlight: The Difficulty of Securing a Mobile Phone

Security Highlight: The Difficulty of Securing a Mobile Phone

14 Apr, 21 | Security Highlight
Our team did a deep dive into TEEGRIS, the newest TEE of Samsung. As a result, we proved that this TEE, introduced in 2019 for the Galaxy S10, can be fully compromised by a determined expert. ...
Read More
Failure analysis techniques applied for Side Channel Analysis

Failure analysis techniques applied for Side Channel Analysis

07 Apr, 21 | Industry Updates
Riscure conducted research that proved that a specific failure analysis method, Thermal Laser Stimulation, can be effective to recover key material.
Read More
Breaking TEE Security Part 3: Escalating Privileges

Breaking TEE Security Part 3: Escalating Privileges

30 Mar, 21 | Device Evaluation
In our previous two blog posts, we first introduced Samsung’s TEE OS TEEGRIS and then showed how to exploit a Trusted Application (TA) and gain runtime control.
Read More
Breaking TEE Security Part 2: Exploiting Trusted Applications (TAs)

Breaking TEE Security Part 2: Exploiting Trusted Applications (TAs)

12 Mar, 21 | Device Evaluation
In this second blog post, we will continue to explore TEEGRIS by reverse engineering TAs in order to identify and exploit vulnerabilities.
Read More
Security Highlight: What it takes to hack a tesla and what it means for device makers

Security Highlight: What it takes to hack a tesla and what it means for device makers

09 Mar, 21 | Security Highlight
KU Leuven's security research group COSIC has a strong track record in studying Tesla security and demonstrated attacks on model S in 2018 and 2019. This time, they broke model X and applied ...
Read More
Sharing knowledge through blended learning

Sharing knowledge through blended learning

26 Feb, 21 | Learning
You know your team needs to learn new skills. But are they actually going to be able to put new knowledge into practice? Will this investment pay off? And how does this work in a remote-first world?
Read More
Breaking TEE Security Part 1: TEEs, TrustZone and TEEGRIS

Breaking TEE Security Part 1: TEEs, TrustZone and TEEGRIS

23 Feb, 21 | Device Evaluation
The goal of our investigation was to assess how strong Samsung’s TEE security OS is and whether it can be compromised to obtain runtime control and extract all protected assets, allowing, e.g. ...
Read More
Security Highlight: a Journey to Titan

Security Highlight: a Journey to Titan

10 Feb, 21 | Security Highlight
Recently, NinjaLab investigated Titan, a two-factor authentication token offered by Google, and broke its secure crypto implementation.
Read More
Security Highlight: The real threat of Amnesia-33

Security Highlight: The real threat of Amnesia-33

04 Feb, 21 | Security Highlight
At the end of last year, ForeScout analyzed seven open-source software libraries and found a set of 33 vulnerabilities in four of them (uip, picoTCP, FNET, Nut/Net). Three of these ...
Read More