Hardware Trojan Inserted Inside A RISC-V Based Automotive Telematics Control Unit


A new technical paper titled "On the Feasibility of Remotely Triggered Automotive Hardware Trojans" was written by researchers at Georgia Tech. "In this paper, we discuss how Hardware Trojans can act as the physical access intermediates to allow the remote triggering of malicious payloads embedded in ECUs, through seemingly benign wireless communication. We demonstrate a proof of concept ECU... » read more

Hertzbleed: A New Family of Side-Channel Attacks–Root Case: Dynamic Frequency Scaling


  New research paper titled "Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86" from researchers at UT Austin, University of Illinois Urbana-Champaign (UIUC) and University of Washington can be found here. (preprint). This paper will be presented at the 31st USENIX Security Symposium (Boston, 10–12 August 2022). Summary explanation of the Hertzbleed ... » read more

SMASH: Synchronized Many-sided Rowhammer Attacks from JavaScript


Authors: Finn de Ridder, ETH Zurich and VU Amsterdam; Pietro Frigo, Emanuele Vannacci, Herbert Bos, and Cristiano Giuffrida, VU Amsterdam; Kaveh Razavi, ETH Zurich Abstract: "Despite their in-DRAM Target Row Refresh (TRR) mitigations, some of the most recent DDR4 modules are still vulnerable to many-sided Rowhammer bit flips. While these bit flips are exploitable from native code, tri... » read more