Talking about Clock Glitching
Clock Glitching as a viable technique that can potentially uncover new vulnerabilities and thus is useful in a hardware security testing environment.
Device Evaluation
Secure Implementation of Post Quantum Crypto in the spotlight
Marc Witteman shares his thoughts on the latest developments in secure Post Quantum Crypto
Introducing Riscuberry, Riscure’s advanced embedded target
Considering the changes in the security landscape, the new IoT target Riscuberry serves multiple purposes. Riscuberry is not only an up-to-date target for embedded security training but also a ...
Security evaluation of a smart device: D-Link DIR 2680 router
In this blog post, Riscure’s security analyst Naasa Fikri and senior trainer/senior security analyst Yashin Mehaboobe illustrate a common approach for a light security assessment of smart home ...
Breaking TEE Security Part 3: Escalating Privileges
In our previous two blog posts, we first introduced Samsung’s TEE OS TEEGRIS and then showed how to exploit a Trusted Application (TA) and gain runtime control.
Breaking TEE Security Part 2: Exploiting Trusted Applications (TAs)
In this second blog post, we will continue to explore TEEGRIS by reverse engineering TAs in order to identify and exploit vulnerabilities.
Breaking TEE Security Part 1: TEEs, TrustZone and TEEGRIS
The goal of our investigation was to assess how strong Samsung’s TEE security OS is and whether it can be compromised to obtain runtime control and extract all protected assets, allowing, e.g. ...
How to determine the cost of an attack objectively?
Setting priorities right is very important when it comes to security. As a developer of a software and/or hardware solution, you simply cannot chase every single bug or design issue. If you know ...
Justin, the OEM and the automotive cybersecurity requirements: Part 3
Justin is on the phone with Alex from Riscure, discussing how to address security requirements from the OEM. After some minutes, Justin realized he needs to align with Chris from the OEM on what ...
Talking about Clock Glitching
Clock Glitching as a viable technique that can potentially uncover new vulnerabilities and thus is useful in a hardware security testing environment.
Secure Implementation of Post Quantum Crypto in the spotlight
Marc Witteman shares his thoughts on the latest developments in secure Post Quantum Crypto
Introducing Riscuberry, Riscure’s advanced embedded target
Considering the changes in the security landscape, the new IoT target Riscuberry serves multiple purposes. Riscuberry is not only an up-to-date target for embedded security training but also a ...
Security evaluation of a smart device: D-Link DIR 2680 router
In this blog post, Riscure’s security analyst Naasa Fikri and senior trainer/senior security analyst Yashin Mehaboobe illustrate a common approach for a light security assessment of smart home ...
Breaking TEE Security Part 3: Escalating Privileges
In our previous two blog posts, we first introduced Samsung’s TEE OS TEEGRIS and then showed how to exploit a Trusted Application (TA) and gain runtime control.
Breaking TEE Security Part 2: Exploiting Trusted Applications (TAs)
In this second blog post, we will continue to explore TEEGRIS by reverse engineering TAs in order to identify and exploit vulnerabilities.
Breaking TEE Security Part 1: TEEs, TrustZone and TEEGRIS
The goal of our investigation was to assess how strong Samsung’s TEE security OS is and whether it can be compromised to obtain runtime control and extract all protected assets, allowing, e.g. ...
How to determine the cost of an attack objectively?
Setting priorities right is very important when it comes to security. As a developer of a software and/or hardware solution, you simply cannot chase every single bug or design issue. If you know ...
Justin, the OEM and the automotive cybersecurity requirements: Part 3
Justin is on the phone with Alex from Riscure, discussing how to address security requirements from the OEM. After some minutes, Justin realized he needs to align with Chris from the OEM on what ...