#hardware-security — Public Fediverse posts

Interesting work on AMD SEV-SNP by Benedict Schlüter, Christoph Wech and @Shweta: https://fabricked-attack.github.io/

By reconfiguring data fabric routing from the untrusted, hypervisor-controlled UEFI firmware, they redirect Platform Security Processor (PSP) memory accesses, compromising SEV-SNP initialization, particularly the Reverse Map Table (RMP).

#Fabricked #sevsnp #security #hardwaresecurity #confidentalcomputing

Investigating Split Locks on x86-64

https://chipsandcheese.com/p/investigating-split-locks-on-x86

#HackerNews #SplitLocks #x86_64 #CPUArchitecture #HardwareSecurity #TechInvestigation

Critics call FCC router rule a ‘big swing’ that could create more supply chain uncertainty | CyberScoop
https://cyberscoop.com/fcc-bans-foreign-routers-critics-warn-about-supply-chain/

#Cybersecurity #InfoSec #FCC #SupplyChain #HardwareSecurity #NetSec #TechNews #NationalSecurity #MastodonAdmin

Caetra new release v1.2.0; added new shield that reacts when a webcam turns it on/off.

With this shield we are trying to avoid privacy leaks from you and others, among possible security visual breaches like harvesting information about your surroundings. Do not forget to cover your webcam with a nice cat sticker :3

https://github.com/carvilsi/caetra

#physicalSecurity #physicalAttacks #linuxhardening #hardwareSecurity #bpf #ebpF #bcc

caetra new release v1.1.0; added new shield to react when the CD-DVD-ROM tray opens or closes.

https://github.com/carvilsi/caetra?tab=readme-ov-file#12-cd_dvd_rom

#physicalSecurity #physicalAttacks #linuxhardening #hardwareSecurity #bpf #ebpF #bcc

Was für ein unbeschreibliches Gefühl! 📦📚

Nach über acht Monaten intensiver Arbeit, unzähligen Tassen Schwarztee und Club-Mate-Flaschen war es heute so weit: Der Postbote stand vor der Tür und überreichte mir die allerersten Autorenexemplare meines ersten eigenen englischsprachigen Buches!

„Hacking Hardware: The Practical Guide to Penetration Testing and Prevention” ist nun offiziell bei Rheinwerk Publishing in den USA erschienen. Es physisch in den Händen zu halten, durch die frisch gedruckten Seiten zu blättern und das eigene Cover zu sehen, ist ein absoluter Meilenstein für mich.

#HackingHardware #Pentesting #Cybersecurity #InfoSec #HardwareSecurity #RheinwerkPublishing #AuthorLife

Google OpenTitan open source security chip is now shipping inside Chromebooks

https://fed.brid.gy/r/https://nerds.xyz/2026/03/google-opentitan/

Leanpub book LAUNCH 🚀 Code, Chips and Control: The Security Posture of Digital Isolation by Sal Kimmich

Watch here: https://youtu.be/KCURt43Rqhg

#books #leanpublishing #selfpublishing #booklaunch #cybersecurity #infosec #securityarchitecture #supplychainsecurity #opensource #devsecops #hardwaresecurity #softwaresecurity #zerotrust #leanpubpodcast

Leanpub book LAUNCH 🚀 Code, Chips and Control: The Security Posture of Digital Isolation by Sal Kimmich

Watch here: https://youtu.be/KCURt43Rqhg

#books #leanpublishing #selfpublishing #booklaunch #cybersecurity #infosec #securityarchitecture #supplychainsecurity #opensource #devsecops #hardwaresecurity #softwaresecurity #zerotrust #leanpubpodcast

Understanding that it's probably nowhere close to as good as the #GoogleTensor chip or #SamsungKnox, has anyone done an analysis of the #HardwareSecurity of the @jolla phone line?

#security #MobileSecurity #JollaPhone #SailfishOS

Leanpub book LAUNCH 🚀 Code, Chips and Control: The Security Posture of Digital Isolation by Sal Kimmich

Watch here: https://youtu.be/KCURt43Rqhg

#books #leanpublishing #selfpublishing #booklaunch #cybersecurity #infosec #securityarchitecture #supplychainsecurity #opensource #devsecops #hardwaresecurity #softwaresecurity #zerotrust #leanpubpodcast

NEW! A Leanpub Podcast Interview with Sal Kimmich, Author of Code, Chips and Control: The Security Posture of Digital Isolation

Watch here: https://youtu.be/kfeJVv7boNs

#books #leanpublishing #selfpublishing #cybersecurity #infosec #securityarchitecture #supplychainsecurity #opensource #devsecops #hardwaresecurity #softwaresecurity #zerotrust #leanpubpodcast

Leanpub Book LAUNCH 🚀 Code, Chips and Control: The Security Posture of Digital Isolation by Sal Kimmich

Through the lens of the top 100 hacks since 1985, learn cybersecurity through real-world examples of what went wrong to convince us of “best practices".

Watch on our blog here:

https://leanpub.com/blog/leanpub-book-launch-code-chips-and-control-the-security-posture-of-digital-isolation-by-sal-kimmich

#books #leanpublishing #selfpublishing #booklaunch #cybersecurity #infosec #securityarchitecture #supplychainsecurity #opensource #devsecops #hardwaresecurity #softwaresecurity #zerotrust

Leanpub book LAUNCH 🚀 Code, Chips and Control: The Security Posture of Digital Isolation by Sal Kimmich

Watch here: https://youtu.be/KCURt43Rqhg

#books #leanpublishing #selfpublishing #booklaunch #cybersecurity #infosec #securityarchitecture #supplychainsecurity #opensource #devsecops #hardwaresecurity #softwaresecurity #zerotrust #leanpubpodcast

In this episode of the Leanpub Podcast, Sal Kimmich offers a deep technical look at the evolving security landscape across hardware, software, and open-source ecosystems.

Watch & read on our blog here:

https://leanpub.com/blog/the-leanpub-podcast-feat-sal-kimmich-author-of-code-chips-and-control-the-security-posture-of-digital-isolation

#books #leanpublishing #selfpublishing #cybersecurity #infosec #securityarchitecture #supplychainsecurity #opensource #devsecops #hardwaresecurity #softwaresecurity #zerotrust #leanpubpodcast

NEW! A Leanpub Podcast Interview with Sal Kimmich, Author of Code, Chips and Control: The Security Posture of Digital Isolation

Watch here: https://youtu.be/kfeJVv7boNs

#books #leanpublishing #selfpublishing #cybersecurity #infosec #securityarchitecture #supplychainsecurity #opensource #devsecops #hardwaresecurity #softwaresecurity #zerotrust #leanpubpodcast

Every modern system carries a tiny vault called a TPM—Trusted Platform Module.
It protects encryption keys and validates your system at boot.
TPM is now required for Windows 11, making firmware vigilance more critical than ever.
Even trusted hardware needs updates.
Trust, but patch.
#CyberSecurity #HardwareSecurity #Privacy #B2B

Firmware is low-level code that powers everything from routers to laptops.
It’s invisible, vital—and often ignored.
Unpatched firmware can expose known vulnerabilities for years.
✅ Check vendor updates
✅ Enable secure boot
✅ Replace hardware with signed firmware support
Security starts below the OS.
#CyberSecurity #HardwareSecurity #B2B

🖥️ Data doesn’t vanish when you hit delete.

Proper hardware disposal is a compliance act—GDPR & ISO 27001 both demand secure data destruction.

That means:
• Cryptographic wipes
• Degaussing or shredding
• Verified certificates of destruction

Compliance isn’t digital-only.

#Privacy #HardwareSecurity #DataProtection #GDPR #B2B

New Hardware Based 'ONEFLIP' Attack Can Hijack AI Models by Flipping a Single Memory Bit

#AI #AISecurity #Cybersecurity #Rowhammer #ONEFLIP #HardwareSecurity

https://winbuzzer.com/2025/08/25/new-hardware-based-oneflip-attack-can-hijack-ai-models-by-flipping-a-single-memory-bit-xcxwbn

Nvidia Denies GPU Backdoors as China Probe Threatens Renewed H20 Chip Sales

#AI #Nvidia #NvidiaH20 #ChipWar #Geopolitics #HardwareSecurity #China

https://winbuzzer.com/2025/08/06/nvidia-denies-gpu-backdoors-as-china-probe-threatens-renewed-h20-chip-sales-xcxwbn

Critical ‘Revault’ Flaws Leaves over 100 Dell Laptop Models Vulnerable if Unpatched

#CyberSecurity #Dell #Vulnerability #Cisco #Firmware #ReVault #HardwareSecurity

https://winbuzzer.com/2025/08/05/critical-revault-flaws-leaves-over-100-dell-laptop-models-vulnerable-if-unpatched-xcxwbn

📢New in our Research-Blog: A Tale of Practical Keylogger Forensics

On a recent engagement, an interesting hardware side quest popped up.
A client had found a #keylogger and, naturally, Cass Rebellin and @jrt wanted to know what the adversary had seen and if they could gather any useful traces towards the perpetrator.
The full story 👉https://research.hisolutions.com/2025/07/a-tale-of-practical-keylogger-forensics/

#ResearchBlog #DFIR #HardwareSecurity

One of our founding directors, Mike Eftimakis, sat down with Akshaya Asokan from Information Security Media Group (ISMG) to explore how CHERI is helping tackle one of cybersecurity’s biggest challenges: memory safety.

CHERI (Capability Hardware Enhanced RISC Instructions) is a hardware-based approach to security, designed to prevent around 70% of today’s common vulnerabilities. Backed by industry leaders and the UK government, we're working to ensure global adoption across the electronics supply chain.

Watch the interview to learn more about:

💠 How CHERI addresses memory safety issues
💠 Common hardware supply chain vulnerabilities
💠 Progress on adoption by chipmakers
💠 Scalability challenges associated with CHERI

🎥 Watch the full interview: https://www.bankinfosecurity.com/uks-cheri-alliance-expands-to-global-hardware-supply-chain-a-28942

#CHERI #CyberSecurity #HardwareSecurity #MemorySafety #SecurityByDesign #InfoSec

🔧 Right to repair, but not to fix security?

Framework’s philosophy empowers users to open, upgrade, and repair their devices. But with great openness comes a security catch.

On the Framework 13, pressing the chassis intrusion switch 10 times resets the BIOS, removing passwords, Secure Boot, and more.

We flagged this to Framework. Their response?
"It's a feature..."

That’s risky. This reset might help with recovery, but it also hands an attacker physical access to critical settings.

Kieran explains the issue, what this means for security, and how to protect your device.

📌Read here: https://www.pentestpartners.com/security-blog/framework-13-press-here-to-pwn/

#RightToRepair #HardwareSecurity #FrameworkLaptop #BIOSReset #SecurityByDesign #CyberSecurity