Security Highlight

Security Highlight: Exploiting persistent faults in crypto

Security Highlight: Exploiting persistent faults in crypto

At the most recent CHES workshop, Hossein Hadipour of the Graz University of Technology presented an important step forward in exploiting persistent faults in crypto.
Security Highlight: Compromising printers via malicious third-party cartridges

Security Highlight: Compromising printers via malicious third-party cartridges

This fall, HP Inc. published an article describing a buffer overflow vulnerability in their printer software which would allow an attacker to obtain persistent remote code execution on the ...
Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

The story of Riscure, like with many other technology businesses, started in the garage. Dissatisfied with the quality of then available hardware testing tooling, Marc Witteman founded Riscure ...
Security Highlight: Glitched on Earth by Humans

Security Highlight: Glitched on Earth by Humans

  The Black Hat conference always brings up interesting and current research within the device security industry. Jasper van Woudenberg attended the latest conference, ...
Security Highlight: Post Quantum Crypto – are we done yet?

Security Highlight: Post Quantum Crypto – are we done yet?

The US standards institute recently completed the third round of the Post Quantum Crypto (PQC) standardization process. This milestone was long-awaited, and even though we are one step closer to ...
Security Highlight: Honda Rolling-PWN attack

Security Highlight: Honda Rolling-PWN attack

The attack known as Rolling-PWN (CVE-2021-46145) [1] is the latest of a recent series of security issues affecting the car’s immobilizers and RKEs (Remote Keyless Entry, also known as the keyfob ...
Security Highlight: Hertzbleed – prime time for power side channel countermeasures or novelty attack?

Security Highlight: Hertzbleed – prime time for power side channel countermeasures or novelty attack?

Hertzbleed is a new side-channel attack that turns a power side channel into a timing side channel. That timing side channel may be exploitable even if the algorithm runs in a constant number of ...
Security Highlight: Evil Never Sleeps

Security Highlight: Evil Never Sleeps

Recently, Apple introduced a useful but potentially dangerous feature to its iPhones. Most of us would assume that a phone becomes inactive when switched off by the user or, due to low power. ...
Security highlight: Attack Stepping Stones

Security highlight: Attack Stepping Stones

Experienced hackers know that successful exploits usually require a series of vulnerabilities, the stepping stones. The combination of these vulnerabilities enables the attack path, and all of ...
Security Highlight: Exploiting persistent faults in crypto

Security Highlight: Exploiting persistent faults in crypto

At the most recent CHES workshop, Hossein Hadipour of the Graz University of Technology presented an important step forward in exploiting persistent faults in crypto.
Security Highlight: Compromising printers via malicious third-party cartridges

Security Highlight: Compromising printers via malicious third-party cartridges

This fall, HP Inc. published an article describing a buffer overflow vulnerability in their printer software which would allow an attacker to obtain persistent remote code execution on the ...
Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

Security Highlight: Marc Witteman on the roots of Riscure, device security, and pre-silicon

The story of Riscure, like with many other technology businesses, started in the garage. Dissatisfied with the quality of then available hardware testing tooling, Marc Witteman founded Riscure ...
Security Highlight: Glitched on Earth by Humans

Security Highlight: Glitched on Earth by Humans

  The Black Hat conference always brings up interesting and current research within the device security industry. Jasper van Woudenberg attended the latest conference, ...
Security Highlight: Post Quantum Crypto – are we done yet?

Security Highlight: Post Quantum Crypto – are we done yet?

The US standards institute recently completed the third round of the Post Quantum Crypto (PQC) standardization process. This milestone was long-awaited, and even though we are one step closer to ...
Security Highlight: Honda Rolling-PWN attack

Security Highlight: Honda Rolling-PWN attack

The attack known as Rolling-PWN (CVE-2021-46145) [1] is the latest of a recent series of security issues affecting the car’s immobilizers and RKEs (Remote Keyless Entry, also known as the keyfob ...
Security Highlight: Hertzbleed – prime time for power side channel countermeasures or novelty attack?

Security Highlight: Hertzbleed – prime time for power side channel countermeasures or novelty attack?

Hertzbleed is a new side-channel attack that turns a power side channel into a timing side channel. That timing side channel may be exploitable even if the algorithm runs in a constant number of ...
Security Highlight: Evil Never Sleeps

Security Highlight: Evil Never Sleeps

Recently, Apple introduced a useful but potentially dangerous feature to its iPhones. Most of us would assume that a phone becomes inactive when switched off by the user or, due to low power. ...
Security highlight: Attack Stepping Stones

Security highlight: Attack Stepping Stones

Experienced hackers know that successful exploits usually require a series of vulnerabilities, the stepping stones. The combination of these vulnerabilities enables the attack path, and all of ...