We from SCHUTZWERK will be at the Embedded World in Nuremberg from April 9th to 11th, 2024! The Embedded World is a trade fair for experts in embedded systems. Come visit our booth 372 in Hall 5 and meet our special companion: Our Glitching Setup, which we use for Fault-Injection attacks as part of Embedded Security Assessments , for example, to bypass security checks like password prompts.
SCHUTZWERK is visiting Munich! From February 21st to 22nd, 2024, we will be at the building IoT Conference participating with a presentation. The building IoT has been the meeting point since 2016 for those developing software applications and digital products in the Internet of Things and Industrial Internet of Things.
On February 22nd, in our presentation Breaking Through the Wall: Side Channel Attacks and Fault Injection we will showcase invisible methods through which attackers obtain confidential information.
On 2023-11-14 the CISPA Helmholtz Center for Information Security published a new Attack on AMD-SEV called CacheWarp (CVE-2023-20592), in which I am one of the original authors. This attack allows a malicious hypervisor to drop memory writes on an encrypted VM using the invd instruction. Due to the difficulty of the setup, a feasible attack should only drop memory once to achieve its goal. In this article, we examine how one memory drop is enough to break openssh and sudo to completely hijack the victim system.
We are excited to announce that Telechips, a leading supplier of System-on-Chip (SoC) components for automotive In-Vehicle Infotainment and cockpit solutions based in Seoul, South Korea, has selected SCHUTZWERK as their strategic partner for SoC cybersecurity assessments.
Telechips has chosen to partner with SCHUTZWERK, a renowned and experienced provider of automotive and embedded security assessments , to conduct comprehensive cybersecurity assessments of their entire SoC portfolio through the end of 2024.