In recent years, we have seen a significant rise in attacks on firmware. A survey conducted by Microsoft concluded that in the last four years, there has been a 500% increase in reported firmware attacks, and 83% of surveyed businesses reported...
We talk about buffer overflows a lot. So much so, it almost seems silly to be writing another article dedicated to this software vulnerability. But, it’s worth driving the point home: buffer overflows are one of the most dangerous software...
In March 2021, Arm announced the release of its new Armv9 architecture. The first new architecture in a decade, Armv9 includes new security features—from compartmentalization to memory safety to pointer authentication.
The ever-expanding universe of cybersecurity threats plaguing embedded systems today is only getting more dangerous, costly, and pervasive with every year that passes.
The threat universe for embedded systems is seemingly endless. To try to make sense of it all, we turn to MITRE’s CWE database. It’s a publicly-available, community-developed list of software and hardware weaknesses. Its purpose is to serve as...
In order to make sense of the many threats plaguing embedded systems today, we turn to MITRE’s Common Weakness Enumeration (CWE) database. This database serves as a tool to help categorize the tens of thousands of common vulnerabilities and...
In order to understand the many potential cyberattacks that threaten you and your organization, we turn to MITRE’s Common Weakness Enumeration (CWE) database as a key first step.
Compartmentalization is one of the seven layers in the Cybersecurity Stack. It works by separating data and software on a processor into different compartments to effectively limit the scope of damage of potential cyberattacks only to the...
In January 2021, a major buffer overflow vulnerability, impacting a large chunk of the Linux ecosystem, was discovered in the sudo application by security auditing firm, Qualys. The vulnerability, known widely as “Baron Samedit,” received a CVE...
Solving the problem of how to prevent cyberattacks has been a priority even before the first internet-born cyberattack, the Morris Worm. It was a buffer overflow attack that spread rapidly and became a viral denial of service attack and it was...