Blog & News

Aktuelles von SCHUTZWERK

preview-image for Logo of the CacheWarp attack

CacheWarp: Dropping one write to take over AMD-SEV

23. November, 2023 #attacks #news #reverse engineering

On 2023-11-14 the CISPA Helmholtz Center for Information Security published a new Attack on AMD-SEV called CacheWarp (CVE-2023-20592), in which I am one of the original authors. This attack allows a malicious hypervisor to drop memory writes on an encrypted VM using the invd instruction. Due to the difficulty of the setup, a feasible attack should only drop memory once to achieve its goal. In this article, we examine how one memory drop is enough to break openssh and sudo to completely hijack the victim system.

preview-image for Telechips und SCHUTZWERK gehen eine SoC Cybersecurity Kooperation ein

Kooperation mit Telechips zur Stärkung der SoC Cybersecurity

22. August, 2023 #news #automotive security #embedded security

Wir freuen uns, bekannt zu geben, dass Telechips, ein führender Anbieter von System-on-Chip (SoC)-Komponenten für In-Vehicle Infotainment- und Cockpit-Lösungen in der Automobilindustrie mit Sitz in Seoul, Südkorea, SCHUTZWERK als strategischen Partner für SoC-Cybersecurity-Assessments ausgewählt hat. Telechips hat sich für eine Kooperation mit SCHUTZWERK, einem renommierten und erfahrenen Anbieter von Automotive- und Embedded-Security-Assessments, entschieden, um umfassende Cybersecurity-Assessments mit dem gesamten SoC-Portfolio bis Ende 2024 durchzuführen. Während der Zusammenarbeit wird das Fachwissen des erfahrenen Embedded Security Teams von SCHUTZWERK genutzt, um die ganzheitliche Sicherheit der SoCs von Telechips beizubehalten und, wo möglich, noch weiter zu verbessern.

preview-image for Kubescale Title Image

Kubernetes RBAC: Paths for Privilege Escalation

17. Juli, 2023 #kubernetes #cloud #container #attacks

Kubernetes is a widely used open-source container orchestration system that helps to reduce workloads when dealing with container management in distributed systems. Its built-in authorization module is enabled by default and provides authorization mechanisms that prevent unauthorized access to resources. However, certain permissions enable their subject to escalate their privileges to a potentially Cluster compromising extent.

preview-image for Title image

The PROBoter software framework

10. Juli, 2023 #proboter #embedded security #secforcars #toolrelease

The last part of the PROBoter series showed how innovative algorithms can help an embedded system pentester to analyze recorded voltage signals of an unknown PCB. Besides basic signal characteristics, these algorithms can link signal lines and identify communication buses typically found on PCBs like I2C or SPI. In this final post of the PROBoter series, we draw the big picture of the PROBoter software framework. In parallel to the release of this post, all missing services forming the framework are released on the PROBoter Github repo.

Blog & News Archiv

Blog & News Archiv

Aktuell 2022 2021 2020