CryptoManager

>CryptoManager

Matters of Import: The Ransomware Attack on San Diego and Barcelona

As society becomes more reliant on connectivity and more sophisticated technology, so do the means to take advantage of that connectivity and cause major disruption to essential services. While the Port of Barcelona has not reported significant disruptions to services, the Port of San Diego’s cybersecurity ransomware attack, which took place only five days later, has had impacts on public services. Such an attack continues to underscore the need for more cybersecurity measures.

No Need to Reinvent the Wheel: How Easy It Is to Build with RISC-V

The single software ecosystem built on the RISC-V standard allows for OEMs to bypass having to lock into a specific processer ecosystem. When an OEM chooses a particular processor type, it not only has to pay for that particular processor, but it has to continue to purchase from whichever company it purchased it processor from, leading to a market where profits are not driven by competition

A Foreshadowing of Another Exploit: The Appearance of the Foreshadow Attack

Dubbed “Foreshadow,” this speculative execution attack allows an attacker to steal sensitive information stored inside personal computers or third-party clouds. There are two versions: the original attack designed to extract data from  Software Guard Extensions (SGX) enclaves and a next-generation version that affects virtual machines (VM), hypervisors, operating system kernel memory, and System Management Mode (SMM) memory. SGX is a new feature in modern CPUs which allows computers to protect users’ data, even if the entire system falls under the attacker’s control.

Lowering Risks with RISC-V

Reduced Instruction Set Computing Five (RISC-V) is an open Instruction Set Architecture (ISA) designed with small, fast, and low-power real-world implementations in mind. It describes the way in which software talks to an underlying processor

A Rise in IoT Spending: Bain and Company’s Findings

According to a new report published by Bain and Company, the combined markets of the Internet of Things (IoT) will grow to about $520 billion in 2021, more than double the $235 billion spent in [...]

Data Breaches in Retail over the Last Two Years

Depending on the person doing the shopping, it can be either a relaxing or a stressful affair. The latter is certainly true for those who are concerned about security and personal information. Since January, 2017, [...]

The US Department of Homeland Security’s Guidelines for IoT Security

March of 2018 saw the United States Department of Defense (DoD) introduce a guidelines document through the Government Accountability Office (GAO) titled Enhanced Assessment and Guidance are Needed to Address Security Risks in DoD. Two [...]

Introducing the Rambus CryptoManager Root of Trust (CMRT)

Taking a closer look: The Rambus CMRT The recent Meltdown and Spectre vulnerabilities illustrate the critical need for a new generation of devices that execute sensitive security functions in a secure core which is physically [...]

Mind the gap (in security): The UK’s IoT guidelines

As part of its ongoing, five-year 1.9 billion pound security initiative, the United Kingdom (UK) government is planning to introduce new cybersecurity measures to better address Internet of Things (IoT) products that are online around [...]

Let’s talk about securing the edge

Earlier this month, Jeff Dorsch of Semiconductor Engineering wrote an article about securing the network edge. According to Dorsch, microcontrollers, sensors and other devices that “live” at the edge of the Internet must be protected [...]

The US SEC’s guidelines to IoT security

As discussed previously on Rambus Press, Internet of Things (IoT) devices typically have a number of vulnerabilities. Indeed, a United States Department of Defense report found that there is little to no incentive for IoT device [...]

The US DoD’s approach to IoT security

The United States Department of Defense (DoD) has identified several Internet of Things (IoT) scenarios that underscore the need for strong cybersecurity measures. One scenario, highlighted in a July 2017 report issued by the Government [...]

Living in a post-Meltdown and Spectre world

,

Paul Kocher talks Meltdown and Spectre Last month, SiFive hosted a seminar that featured senior Rambus technology advisor Paul Kocher. During the seminar, Kocher discussed a number of security related topics, including side-channel (SCA) differential [...]

Understanding consumer IoT risks

Consumer IoT components increasingly targeted by attackers Earlier this month, the National Institute of Standards and Technology (NIST) published a document titled “Draft Report on International IoT Cybersecurity Standardization (PDF).” The report – which examines [...]

Building practical IoT security to preempt tomorrow’s cyberattacks

On March 15th, ABI Research and Rambus will host a webinar titled “Building practical IoT security to preempt tomorrow’s cyberattacks.” The webinar will be presented by Michela Menting, Research Director at ABI Research and Asaf Ashkenazi, [...]

Rambus is @ MWC 2018!

, ,

MWC 2018 kicks off today in Barcelona! We’re at booth #7J31 (Hall 7) in the Fira Barcelona Gran Via, showcasing our CryptoManager IoT Security Service, Unified Payment Platform and a range of Smart Ticketing solutions. [...]

Rambus talks IoT security with Semiconductor Engineering

Chip-to-cloud security Kevin Fogarty of Semiconductor Engineering recently sat down with Asaf Ashkenazi, Rambus VP of IoT Security Products, to discuss security in the age of the Internet of Things. As Fogarty notes, Rambus is [...]

Rambus at CES 2018: Running with Cybertrust’s Hamon

Rambus and Cybertrust Corporation, a security services company based in Tokyo, will introduce a new user experience through the Rambus “CryptoManager™ IoT Security Service” and Cybertrust’s “Secure IoT Platform®” (SIOTP) for a wearable IoT total [...]

Siloing security: A response to Meltdown and Spectre

Earlier this week, Jann Horn of Google’s Project Zero published a detailed blog post titled “Reading privileged memory with a side-channel.” The post confirmed that CPU data cache timing can be exploited to efficiently leak [...]

Europe’s answer for IoT Security: Baseline security recommendations

While politicians in the United States have been discussing measures to tackle the oft-ignored but nevertheless growing issue of Internet of Things (IoT) security, similar measures are being discussed across the pond. On November, 2017, [...]

The Cyber Shield Act of 2017: A real solution to IoT security?

The 2010s have seen the internet manifest not only in phones, but in everyday products such as refrigerators, locks, thermostats, and even toys. However, with advances in technology comes more vulnerabilities. From glaring vulnerabilities in [...]

Cybertrust Japan selects Rambus CryptoManager IoT Security Service

Cybertrust Japan Co., Ltd, a subsidiary of SoftBank Technology Corp., has selected the Rambus CryptoManager IoT Security Service for its Cybertrust Secure IoT Platform, a comprehensive IoT platform-as-a-service (PaaS). As a leading provider of Public [...]

Rambus selects Codasip Studio for next-gen RISC-V security products

Next-gen Rambus RISC-V security products Last week, we confirmed the selection of Codasip Studio for the development of our next-generation RISC-V security products. According to Bret Sewell, SVP and general manager of the Rambus Security [...]

Rambus showcases IoT security and smart ticketing at Smart City Expo World Congress

,

We will be showcasing our CryptoManager IoT Security Service and smart ticketing solutions at the Smart City Expo World Congress on November 14-16, 2017, in Barcelona, Spain. Come visit us at booth #E545 (Hall 2) [...]

Securing the Industrial Internet of Things (IIoT)

Defining the IIoT Objects, sensors, actuators and controllers that were once designed for stand-alone operation are now increasingly connected by means of intelligent software and networks – forming the basis of the Industrial Internet of [...]

Rambus is @ escar Europe 2017

,

Written by Joe Gullo As we fast approach escar Europe in Berlin (November 7-8), our Rambus security team is reflecting on the continued and rapid evolution of the automotive space. For example, the trend towards [...]

Hack the planet: Security concerns about the IoT

IoT security concerns The 2010s has seen a proliferation of the Internet of Things (IoT) on a tremendous scale. According to Gartner, there are 8.4 billion smart devices in use in 2017, a number projected [...]

A holistic view of automotive security with FASTR and Rambus

Infographic: Opportunities for Research & Innovation The Future of Automotive Security Technology Research (FASTR) recently published an infographic that highlights its holistic view of vehicle security. As is illustrated in the infographic below, this includes [...]

IoT adoption outpaces security as cyber threats mount

The Internet Society (ISOC) has published a detailed report that highlights the “pressing need” for IoT security. According to the organization, connected devices add enormous complexity to an already complex security environment. Consequently, there is an [...]

The challenge of securing smart homes

Understanding smart homes Although there is little consensus regarding a specific definition, the “Internet of Things” generally refers to the multiple networks of devices (“things”) that communicate with each other via wired and wireless network [...]

The challenge of securing smart cities

Defining smart cities The U.S. Department of Homeland Security (DHS) defines smart cities as urban centers that integrate cyber-physical technologies and infrastructure to create environmental and economic efficiency while improving the overall quality of life. [...]

The importance of securing smart homes

Earlier this month, Rambus Sr. Director of Security Products Asaf Ashkenazi wrote an article for Semiconductor Engineering that discusses the importance of securing smart homes. As Ashkenazi notes, OEMs are inadvertently creating major security risks [...]

Rambus showcases IoT security, mobile payments and smart ticketing @ MWCA 2017

, ,

We will be showcasing our IoT security, mobile payment and smart ticketing solutions at Mobile World Congress Americas (MWCA 2017) in San Francisco on September 12-14, 2017. Come visit us at stand N.319 in Moscone’s [...]

Understanding the growing threat of medical cyberattacks

Depending on what you read or who you talk to, medical devices, along with hospital networks, fall into two categories: they are either woefully unprepared for a cyberattack, or designed and maintained by those who [...]

SiFive and Rambus to provide IP for the ‘DesignShare’ economy

SiFive has announced a collaborative partnership with Rambus. More specifically, the latter company’s security technology will be made available for use with SiFive’s Freedom platforms. This includes a hardware root-of-trust, cryptographic cores, key provisioning capabilities [...]

Can the IoT be immunized?

The Financial Times recently published an article that explores the dangers of an unsecured IoT ecosystem. As the article notes, human pandemics such as the Spanish Flu illustrate how poor cyber-health could potentially lead to a [...]

U.S. Senate legislation seeks to bolster federal IoT security

U.S. Sens. Mark R. Warner (D-VA) and Cory Gardner (R-CO), co-chairs of the Senate Cybersecurity Caucus, along with Sens. Ron Wyden (D-OR) and Steve Daines (R-MT), have introduced bipartisan legislation to bolster the security of [...]

British police official eyes security ratings for IoT-connected devices

A British police official has suggested that televisions, fridges and other internet-connected home appliances should carry a cyber security score alongside energy efficiency ratings. “Whenever you go into a store now you see fridges and [...]

Softbank Technology announces strategic IoT security partnership with Rambus

Softbank Technology, along with two of its subsidiaries, Cybertrust Japan and Miracle Linux Corporation, have announced a strategic partnership with Rambus. The partnership will see the three companies collaborate to bolster IoT security and device [...]

Devil’s Ivy haunts vulnerable IoT devices

Security researchers at Senrio have discovered a stack buffer overflow vulnerability (CVE-2017-9765) in the M3004 Axis Communications security camera. Dubbed “Devil’s Ivy,” the vulnerability, identified in an open source third-party code library, results in remote [...]

FBI expresses concern over Internet-connected toys

Privacy and safety risks The Federal Bureau of Investigation (FBI) has issued a public service announcement that encourages consumers to carefully consider cyber security before introducing smart, interactive, internet-connected toys into their homes. “Smart toys [...]

Encouraging IoT security adoption

Rambus Sr. Director of Security Products Asaf Ashkenazi recently wrote an article for Semiconductor Engineering about encouraging IoT security adoption. As Ashkenazi notes, everyone acknowledges that the clear majority of IoT devices are vulnerable and [...]

We need to talk about IoT security

Earlier this month, Sophos global head of security research James Lyne told ITProPortal that now is the time for tough, immediate action on dangerously unsafe IoT products. "We're absolutely in a world of release features, [...]

Ransomware could target connected vehicles

Jeff Plungis of Consumer Reports observes that the recent “WannaCry” ransomware attack highlights the digital vulnerabilities in our daily lives, including connected vehicles which increasingly rely on computer chips and more than 100 million lines [...]

U.S. Government Accountability Office highlights unsecured IoT risks

The United States Government Accountability Office (GAO) has published a detailed report that explores the rapidly evolving Internet of Things (IoT). As the report warns, the growing ubiquity and pervasive connectivity of IoT devices and [...]

U.S. firms confirm IoT security breaches

A new survey conducted by Altman Vilandrie & Company confirms that nearly half of U.S. firms using an Internet of Things (IoT) network have been hit by a recent security breach. According to the strategy [...]

Rambus and Synopsys deliver provisioning services for secure hardware modules

Rambus and Synopsys are collaborating to accelerate the adoption of advanced security platforms and technologies to protect valuable assets during key and device provisioning. In this context, Rambus will provide its CryptoManager infrastructure and key [...]

DesignNews highlights Rambus’ IoT Device Management

Earlier this month, Charles Murray of Design News sat down with Rambus Sr. Director of Security Products Asaf Ashkenazi to discuss the company’s recently launched IoT Device Management service. According to Ashkenazi, the service provides [...]

Is malware threatening the future of smart cities?

Writing for IBM’s Security Intelligence publication, Douglas Bonderud notes that the advantages of smart cities offset neither the potential security issues, nor the risk of connected devices and vehicles as unwitting malware carriers. “While it’s [...]

Rambus talks IoT Device Management at IoT World 2017

Last week, Rambus Sr. Director of Security Products Asaf Ashkenazi gave a presentation about enabling cost effective connected device security at IoT World 2017 in Santa Clara. According to Ashkenazi, there are a number of [...]