Considering the changes in the security landscape, the new IoT target Riscuberry serves multiple purposes. Riscuberry is not only an up-to-date target for embedded security training but also a ...
Security evaluation of a smart device: D-Link DIR 2680 router
14 Apr, 21 |
In this blog post, Riscure’s security analyst Naasa Fikri and senior trainer/senior security analyst Yashin Mehaboobe illustrate a common approach for a light security assessment of smart home ...
Breaking TEE Security Part 3: Escalating Privileges
30 Mar, 21 |
In our previous two blog posts, we first introduced Samsung’s TEE OS TEEGRIS and then showed how to exploit a Trusted Application (TA) and gain runtime control.
Breaking TEE Security Part 1: TEEs, TrustZone and TEEGRIS
23 Feb, 21 |
The goal of our investigation was to assess how strong Samsung’s TEE security OS is and whether it can be compromised to obtain runtime control and extract all protected assets, allowing, e.g. ...
How to determine the cost of an attack objectively?
21 Jan, 20 |
Setting priorities right is very important when it comes to security. As a developer of a software and/or hardware solution, you simply cannot chase every single bug or design issue. If you know ...
Justin, the OEM and the automotive cybersecurity requirements: Part 3
24 May, 19 |
Justin is on the phone with Alex from Riscure, discussing how to address security requirements from the OEM. After some minutes, Justin realized he needs to align with Chris from the OEM on what ...
Considering the changes in the security landscape, the new IoT target Riscuberry serves multiple purposes. Riscuberry is not only an up-to-date target for embedded security training but also a ...
Security evaluation of a smart device: D-Link DIR 2680 router
14 Apr, 21 | Device Evaluation
In this blog post, Riscure’s security analyst Naasa Fikri and senior trainer/senior security analyst Yashin Mehaboobe illustrate a common approach for a light security assessment of smart home ...
Breaking TEE Security Part 3: Escalating Privileges
30 Mar, 21 | Device Evaluation
In our previous two blog posts, we first introduced Samsung’s TEE OS TEEGRIS and then showed how to exploit a Trusted Application (TA) and gain runtime control.
Breaking TEE Security Part 1: TEEs, TrustZone and TEEGRIS
23 Feb, 21 | Device Evaluation
The goal of our investigation was to assess how strong Samsung’s TEE security OS is and whether it can be compromised to obtain runtime control and extract all protected assets, allowing, e.g. ...
How to determine the cost of an attack objectively?
21 Jan, 20 | Device Evaluation
Setting priorities right is very important when it comes to security. As a developer of a software and/or hardware solution, you simply cannot chase every single bug or design issue. If you know ...
Justin, the OEM and the automotive cybersecurity requirements: Part 3
24 May, 19 | Device Evaluation
Justin is on the phone with Alex from Riscure, discussing how to address security requirements from the OEM. After some minutes, Justin realized he needs to align with Chris from the OEM on what ...