STMicroelectronics STM32F1 Information Disclosure Vulnerability

The STMicroelectronics STM32F1 is an ARM Cortex M3-based 32-bit microcontroller from STMicroelectronics, Switzerland. An information disclosure vulnerability exists in the STMicroelectronics STM32F1 that stems from improper access control. An attacker could exploit the vulnerability to gain acces...

CVE-2018-18056

An issue was discovered in the Texas Instruments TI TM4C, MSP432E and MSP432P microcontroller series. The eXecute-Only-Memory XOM implementation prevents code read-outs on protected memory by generating bus faults. However, single-stepping and using breakpoints is allowed in XOM-protected flash...

Buffer overflow

An issue was discovered in the Texas Instruments TI TM4C, MSP432E and MSP432P microcontroller series. The eXecute-Only-Memory XOM implementation prevents code read-outs on protected memory by generating bus faults. However, single-stepping and using breakpoints is allowed in XOM-protected flash...

CVE-2018-18056

An issue was discovered in the Texas Instruments TI TM4C, MSP432E and MSP432P microcontroller series. The eXecute-Only-Memory XOM implementation prevents code read-outs on protected memory by generating bus faults. However, single-stepping and using breakpoints is allowed in XOM-protected flash...

CVE-2018-18056

The CVE-2018-18056 entry concerns TI TM4C, MSP432E and MSP432P microcontroller series. The issue stems from the eXecute-Only-Memory (XOM) implementation, which prevents code reads on protected memory by using bus faults, yet allows single-step/breakpoint use in XOM-protected flash. This enables a...

Walkthrough. Investigating an SSD

I had an interesting job come in. A client wants the data off a dead SSD, and it’s a model that regular data recovery companies won’t deal with, an SK Hynix drive. It’s used extensively on many Dell laptops. The drive is NVMe which means it uses several PCIe lanes for communication. First things...

Cryptocurrency Wallet Hacks Spark Dustup

LEIPZIG, GERMANY – Hardware based cryptocurrency wallets may not be as secure as promised. That’s the judgement of Dmitry Nedospasov, Thomas Roth and Josh Datko who together presented their research at a session here at the 35c3 conference called “wallet.fail.” In the talk the researchers...

CVE-2018-11986

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP driver...

Buffer overflow

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP driver...

CVE-2018-11986

CVE-2018-11986 : The vulnerability affects Android releases under CAF using the Linux kernel, specifically in the camera subsystem’s microcontroller FIFO (TX/RX) handling that exchanges commands between Micro FW and the CPP driver. The issue is a possible buffer overflow in these FIFOs. The NVD e...

CVE-2018-11986

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP driver...

Ghost hardware. Device No.2, the Boo Buddy

The “Boo Buddy” is sold as a “trigger object” with a wide range of internal functionality such as EMF, motion and temperature detection. It’s a “trigger object”, in the sense that it is designed to evoke the spirits of children, who might be drawn in by the presence of a toy. Many people have...

Researchers Heat Up Cold-Boot Attack That Works on All Laptops

A pair of researchers have developed an attack method that can bypass mitigations for cold-boot attacks on laptops. A physical attacker can compromise a laptop that’s in sleep mode, potentially lifting sensitive passwords, encryption keys and other information. The ramifications are, on the...

PT-2018-16228 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1013 Description: An exploitable permanent denial of service issue exists due to the firmware upgrade functionality retrieving signed firmware binaries using plain HTTP requests. The device does not check the type of...

Modern OSs for embedded systems

At Kaspersky Lab we analyze the technologies available on cybersecurity market and this time we decided to look at what OS developers are offering for embedded systems or, in other words, the internet of things. Our primary interest is how and to what degree these OSs can solve...

BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0.7.4)Vulnerability

Description of FUZE Card FUZE is an IoT device the size, shape, and thickness of a normal credit card. You program credit cards into it via Bluetooth BLE using a smart phone app. When you go to pay, you use the buttons and e-Paper display to select which card to emulate. The magnetic stripe...

PT-2018-18867 · Brilliantts · Brilliantts Fuze Card

Name of the Vulnerable Software and Affected Versions: BrilliantTS FUZE card MCU firmware 0.1.73, BLE firmware 0.7.4 Description: The issue allows an attacker with physical access to unlock the card, extract credit card numbers, and tamper with data on the card via Bluetooth, as no authentication...

Intel Confirms Its Much-Loathed ME Feature Has A Kill Switch

Researchers at Positive Technologies forced Intel’s hand at revealing that a previously undocumented kill switch exists for its oft-criticized Intel Management Engine, a remote management component of Intel CPUs. Initially, Positive Technologies set out to disable the feature that some security...

Credit Card Magstripe Spoofer: MagSpoof

MagSpoof is a device that can spoof/emulate any magnetic stripe or credit card. It can work “wirelessly”, even on standard magstripe/credit card readers, by generating a strong electromagnetic field that emulates a traditional magnetic stripe card. MagSpoof does not enable you to use credit cards...

USBDriveby Device Can Install Backdoor, Override DNS Settings in Seconds

Samy Kamkar has a special talent for turning seemingly innocuous things into rather terrifying attack tools. First it was an inexpensive drone that Kamkar turned into a flying hacking platform with his Skyjack research, and now it’s a $20 USB microcontroller that Kamkar has loaded with code that...