CWE 1240, a top 2021 Hardware CWE deals with using risky cryptographic primitives. Read More
Featured
CWE 1240: Risky Crypto
Featured
CWE 1231: Improper Prevention of Lock Bit Modification
In this video Josh discusses what this lock bit could do and provides a RISCV example as well. Read More
Featured
CWE 1191: On-Chip Debug and Test Interface With Improper Access Control
In this video we discuss CWE 1191: On-Chip Debug and Test Interface With Improper Access Control. Read More
Featured
CWE 1189: Improper Isolation of Shared Resources on a System-on-Chip (SoC)
osh discusses the Most Important Hardware Weaknesses of 2021. In this video he goes over CWE 1189, Improper Isolation of Shared Resources on System-on-a-Chip (SoC). Read More
Featured
Toorcon: San Beagle eCTF
CTF at Toorcon is next week! Check it out at advsec.io/ctf. Read More
Featured
Season 1 Episode 4 of Bytes, Boards, and Books
In this video, I go over my favorite and not-so-favorite RISCV dev boards and RISCV books. Not surprisingly, the best boards IMHO are coming from SiFive right now. Read More
Featured
Security Logging and Monitoring in the IoT
Insufficient logging and monitoring have been on the OWASP Top 10 for some time now, but is this applicable to IoT deployments as well as web apps? Read More
Featured
Sniffing TPM Buses: All the Kids Are Doing it Now
A few weeks ago there was a blog post about sniffing the SPI bus that had a TPM to decrypt a bit locker-encrypted laptop. Reactions ranged the typical response on the classic watering holes. Read More
Featured
Advanced Security Intro to Hardware Hacking and Reverse Engineering Preview
In this video Josh gives a small taste of what you can expect in the Introduction to Hardware Hacking and Reverse Engineer Course at Advanced Security. Specifically, he shows the run-time interpreter used to directly PEEK and POKE memory address. Read More
Featured
What is PKCS#11, why does it suck, and why will you keep using it?
In this video, Josh discusses about the PKCS#11 standard. Read More