Update your OpenWrt router! Security issue made supply chain attack possible

A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distribution for embedded devices. About OpenWrt OpenWrt … Continue reading Update your OpenWrt router! Security issue made supply chain attack possible

EMBA: Open-source security analyzer for embedded devices

The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the security evaluation procedure, extracting firmware, conducting static and dynamic an… Continue reading EMBA: Open-source security analyzer for embedded devices

What the food and building industry can teach us about securing embedded systems

As one of the leading experts in product security with over 15 years of experience in security engineering and 120 cybersecurity patents under his belt, Adam Boulton is one of the most experienced software security professionals in the industry. Curren… Continue reading What the food and building industry can teach us about securing embedded systems

Successful Hack of Time-Triggered Ethernet

Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have defeated it:

On Tuesday, researchers published findings that, for the first time, break TTE’s isolation guarantees. The result is PCspooF, an attack that allows a single non-critical device connected to a single plane to disrupt synchronization and communication between TTE devices on all planes. The attack works by exploiting a vulnerability in the TTE protocol. The work was completed by researchers at the University of Michigan, the University of Pennsylvania, and NASA’s Johnson Space Center…

Continue reading Successful Hack of Time-Triggered Ethernet

Embedded IoT security threats and challenges

IoT embedded systems combine hardware, firmware, and internet connectivity to carry out particular functions. These devices transfer real-time data via the internet for various purposes, including tracking, monitoring, and analysis. In this Help Net Se… Continue reading Embedded IoT security threats and challenges

Ubuntu Core 22: The secure, application-centric IoT OS is now available

Canonical announced that Ubuntu Core 22, the fully containerised Ubuntu 22.04 LTS variant optimised for IoT and edge devices, is now generally available for download. IoT manufacturers face complex challenges to deploy devices on time and within budget… Continue reading Ubuntu Core 22: The secure, application-centric IoT OS is now available

Embedded security market to reach $9 billion by 2027

The embedded security market size is projected to grow from $6.8 billion in 2022 to $9 billion by 2027; it is expected to grow at a CAGR of 5.9% from 2022 to 2027, according to MarketsandMarkets. The key factors contributing to the growth of the embedd… Continue reading Embedded security market to reach $9 billion by 2027

Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146)

Researchers uncovered a vulnerability in Intel Processors that could affect laptops, cars and embedded systems. The flaw (CVE-2021-0146) enables testing or debugging modes on multiple Intel processor lines, which could allow an unauthorized user with p… Continue reading Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146)