There’s a vulnerability in Wi-Fi hardware that breaks the encryption: The vulnerability exists in Wi-Fi chips made by Cypress Semiconductor and Broadcom, the latter a chipmaker Cypress acquired in 2016. The affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, and Wi-Fi routers from Asus and Huawei, as well as the Raspberry … Read More “Wi-Fi Chip Vulnerability” »
Category: hardware
Auto Added by WPeMatico
BusKill is designed to wipe your laptop (Linux only) if it is snatched from you in a public place: The idea is to connect the BusKill cable to your Linux laptop on one end, and to your belt, on the other end. When someone yanks your laptop from your lap or table, the USB cable … Read More “USB Cable Kill Switch for Laptops” »
Really interesting research: TPM-FAIL: TPM meets Timing and Lattice Attacks, by Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger. Abstract: Trusted Platform Module (TPM) serves as a hardware-based root of trust that protects cryptographic keys from privileged system and physical adversaries. In this work, we per-form a black-box timing analysis of TPM 2.0 devices … Read More “TPM-Fail Attacks Against Cryptographic Coprocessors” »
Interesting story. I always recommend using a random number generator like Fortuna, even if you’re using a hardware random source. It’s just safer. Powered by WPeMatico
Interesting proof of concept: At the CS3sthlm security conference later this month, security researcher Monta Elkins will show how he created a proof-of-concept version of that hardware hack in his basement. He intends to demonstrate just how easily spies, criminals, or saboteurs with even minimal skills, working on a shoestring budget, can plant a chip … Read More “Adding a Hardware Backdoor to a Networked Computer” »
Security researchers Gabriel Campana and Jean-Baptiste BĂ©drune are giving a hardware security module (HSM) talk at BlackHat in August: This highly technical presentation targets an HSM manufactured by a vendor whose solutions are usually found in major banks and large cloud service providers. It will demonstrate several attack paths, some of them allowing unauthenticated attackers … Read More “Hacking Hardware Security Modules” »
Summary: Thangrycat is caused by a series of hardware design flaws within Cisco’s Trust Anchor module. First commercially introduced in 2013, Cisco Trust Anchor module (TAm) is a proprietary hardware security module used in a wide range of Cisco products, including enterprise routers, switches and firewalls. TAm is the root of trust that underpins all … Read More “Thangrycat: A Serious Cisco Vulnerability” »
Remember the Spectre and Meltdown attacks from last year? They were a new class of attacks against complex CPUs, finding subliminal channels in optimization techniques that allow hackers to steal information. Since their discovery, researchers have found additional similar vulnerabilities. A whole bunch more have just been discovered. I don’t think we’re finished yet. A … Read More “Another Intel Chip Flaw” »
This sounds like a good development: …a new $10 million contract the Defense Department’s Defense Advanced Research Projects Agency (DARPA) has launched to design and build a secure voting system that it hopes will be impervious to hacking. The first-of-its-kind system will be designed by an Oregon-based firm called Galois, a longtime government contractor with … Read More “DARPA Is Developing an Open-Source Voting System” »
Kaspersky is reporting on a series of bank hacks — called DarkVishnya — perpetrated through malicious hardware being surreptitiously installed into the target network: In 2017-2018, Kaspersky Lab specialists were invited to research a series of cybertheft incidents. Each attack had a common springboard: an unknown device directly connected to the company’s local network. In … Read More “Banks Attacked through Malicious Hardware Connected to the Local Network” »