November 14, 2023 at 02:27PM Researchers from the CISPA Helmholtz Center for Information Security have discovered a new software fault attack called CacheWarp that targets AMD’s Secure Encrypted Virtualization (SEV) technology. The attack exploits a vulnerability in SEV to infiltrate encrypted virtual machines and achieve privilege escalation. AMD has released a microcode update to address … Read more
October 30, 2023 at 05:56PM A security researcher has published a proof-of-concept exploit for Wyze Cam v3 devices, allowing attackers to take control of vulnerable cameras. The exploit takes advantage of two flaws in the firmware, enabling remote code execution and the ability to overwrite stack memory. Wyze has released a firmware update to address … Read more
October 24, 2023 at 05:48PM Researchers from ETH Zurich have developed Cascade, a novel fuzzer designed to find bugs in RISC-V chips. Unlike other fuzzers, Cascade constructs long random programs that manage the control flow during execution, allowing for more thorough testing of the silicon. It was able to find 37 new bugs in six … Read more