Hardware Security - Tagged - Security Boulevard

ZeroNights 2018, HC Ma’s ‘Massive Scale USB Device Driver Fuzz WITHOUT Device’

From the Video Description: USB is one of the most common interfaces supported on modern computers. Modern OSes offer tons of USB drivers to support frequently used USB device classes. For other ...

ZeroNights 2018, Alexandre Gazet’s, Fabien (0xf4b) Perigaud’s & Joffrey (@_Sn0rkY) Czarny’s ‘Turning Your BMC Into A Revolving Door’

From The Video Description: "Unmonitored and unpatched BMC (remote administration hardware feature for servers) are an almost certain source of chaos. They have the potential to completely undermined the security of complex ...
Time To Stop: More Intel Tomfoolery Discovered

Time To Stop: More Intel Tomfoolery Discovered

Another chip-based flaw has now reared it's miniscule silicon noggin over Intel-way. Pro Tip: It would be wise to perform adequate security testing on these products before unleashing them on the world, ...
Windows remote code printers Bugcrowd

Guarding Against Backdoors and Malicious Hardware

In a post-Supermicro-scoop world, it’s important for security teams to review the basics on detecting and guarding against hardware backdoors. Malicious software is relatively easy to find, but what if your actual ...
Security Boulevard
Denials, Denials, Denials, Believe Them Or Not, Something Is Rotten On The Supply-Chain Side...

Denials, Denials, Denials, Believe Them Or Not, Something Is Rotten On The Supply-Chain Side…

Apple Inc. (Nasdaq: AAPL) has quite forcefully denied the (via Reuters, reportedly written by George Stathakopoulos - Apple’s Vice President for Information Security) existence of surreptitious-command-and-control-chip-insertions on system boards within devices manufactured ...
The Joy of Tech®'s ' 'Parental Controls'

The Joy of Tech®’s ‘ ‘Parental Controls’

via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech®! : Permalink ...
dial phone.jpg

MDM Brute Forced

via Sean Gallagher, writing at Ars Technica, comes this particularly unfortunate news for Apple Inc. (Nasdaq: AAPL) MDM (Mobile Device Management) bits - especially considering there will be a flood of new ...
Hardware Security, Ramtin Amin's Take

Hardware Security, Ramtin Amin’s Take

Friend of the Blog Trey Blalock of Firewall Consultants sent a link in yesterday which amgically trasnprted us to Ramtin Amin's Web Blog yesterday (in actuality, a Hardware Security blog of considerable ...
NetSpectre, The New Vector

NetSpectre, The New Vector

Meanwhile, in Spectre (PDF) news, comes word from Ars Technica's Peter Bright, of a newly discovered attack vector (PDF) (dubbed NetSpectre) using the pernicious speculative-execution in-built microscode from the Minds of Intel ...
Positioning System Spoof Lash-up Can Reroute Robotic Automobiles Into Opposing Traffic

Positioning System Spoof Lash-up Can Reroute Robotic Automobiles Into Opposing Traffic

Bad mojo written up at Ars Technica and The Wall Street Journal, in the GPS realm. It's high time for the manufacturers to step up remediation efforts targeting these pernicious position system ...