Cybersecurity

PC hardware vulnerabilities of summer 2022

There has been several BWAIN PC hardware vulnerabilities published this summer. BWAIN is a short name for a Bug With An Impressive Name. BWAIN is an accolade that we hand out when a new cybersecurity flaw not only turns out to be interesting and important, but also turns up with its own logo, domain name

Air gapped systems leak secrets in new ways

Some critical systems aren’t exposed to the public internet and sit, apparently safely, in an isolated environment, air gapped from the rest of the world by a lack of internet connectivity. The integrity of the air gap is only maintained when the means of data transport in and out of the environment are equally subject

HDMI firewall

Any device sporting a chip and some form of communications protocol can be hacked – that’s almost as strong a law as those governing gravity. Besides audio and video data, there are a number of parallel protocols in HDMI that transmit more information than we’d expect. There is I2C configuration data, HDCP (High-bandwidth Digital Content

New ‘Hertzbleed’ Remote Side-Channel Attack

Critical side-channel vulnerabilities in modern processors became well known in 2018 with Meltdown and Spectre vulnerabilities. And several more same type vulnerabilities followed. Now the newest on this series is called Hertzbleed Attack. It is a a new family of side-channel attacks: frequency side channels. Hertzbleed takes advantage that, under certain circumstances, the dynamic frequency

End of IE is here

With IE, Microsoft caused great damage to the Web. I’m happy to see it finally go. You probably won’t miss IE much as a result, but it’s still hard to ignore the program’s impact and its flaws. Microsoft ends Internet Explorer support in Windows 10 tomorrow It’s the end of an era you probably won’t