Wanted Bugs- Dead or Alive Reward- $3,000 to $100,000

Can you believe it?  There are big bucks rewards for catching, capturing, and turning in villains we’ve come to know as software bugs and vulnerabilities. Yes, that’s right, Big Bucks, according to Margaret Rouse who writes [...]

2018 Top IT Security Stories, Meltdown and Spectre at the Top

Meltdown and Spectre microprocessor vulnerabilities took top billingin’s top 10 IT security stories of 2018. Discovery of these and several similar vulnerabilities “were probably the single most challenging developments for enterprise IT security teams” [...]

Is Hardware-Based Security The Right Answer to Cloud Security?

Without question, today, there is considerable focus on securing the Cloud. This is especially true for virtualization systems, which have played a major role in creating cloud computing. However, the downsides to virtualization involve security [...]

Protecting Wi-Fi chipsets with hardware-based security cores

Embedi security researcher Denis Selianin recently disclosed a slew of major vulnerabilitiesthat impacted one of the most popular Wi-Fi chipsets on the market. According to various media reports, the affected SoC can be found in [...]

The Next Vulnerability: Looking Back on Meltdown and Spectre One Year Later

By Paul Kocher, Senior Technology Advisor, Rambus Around this time last year, two vulnerabilities known as Meltdown and Spectre became public. Discovered independently by multiple research teams, each flaw exposed critical vulnerabilities across a wide [...]

Are Tried and True Encryption Standards Going by the Wayside?

Michael Cobb, certified information systems security professional – information systems security architecture professional (CISSP – ISSAP), is regarded as a top security expert and is a published author of many security papers. In his most [...]

India Tech Pursues RISC-V ISA

EE Times India reports that the RISC-V instruction set architecture (ISA) has made significant progress in that country. It says that researchers at Indian Institute of Technology, Madras (IIT-M) have designed and booted up India’s first [...]

Micron Taps CryptoManager Platform for Secure Provisioning To Authenta Technology

The latest news coming out of the security world is the link up of Micron’s Authenta™ secure memory product and Rambus’s CryptoManager™ infrastructure to add greater protection for industrial IoT devices, as well as medical, [...]

Rambus Highlights CryptoManager Root of Trust At RISC V Summit -2018

We will be showcasing our CryptoManager Root of Trust at the RISC-V Summit on December 3-6,2018, at the Santa Clara Convention Center.. CryptoManager Root of Trust is a fully programmable root of trust core that [...]

A Potential Measure against Side Channel Attacks with DPASL

With the proliferation of connected devices and the sensitive data they produce comes a significant challenge for manufacturers seeking to comprehensively protect their devices from exploits and attacks. As devices and services get more sophisticated [...]

Matters of Import: The Ransomware Attack on San Diego and Barcelona

Our world is growing increasingly connected, and while most people have reaped the benefits of interconnectivity, ranging from social networks to Internet of Things (IoT) devices, the lack of security features that scale with the [...]

No Need to Reinvent the Wheel: How Easy It Is to Build with RISC-V

The single software ecosystem built on the RISC-V standard allows for OEMs to bypass having to lock into a specific processer ecosystem. When an OEM chooses a particular processor type, it not only has to pay for that particular processor, but it has to continue to purchase from whichever company it purchased it processor from, leading to a market where profits are not driven by competition

A Foreshadowing of Another Exploit: The Appearance of the Foreshadow Attack

Dubbed “Foreshadow,” this speculative execution attack allows an attacker to steal sensitive information stored inside personal computers or third-party clouds. There are two versions: the original attack designed to extract data from  Software Guard Extensions (SGX) enclaves and a next-generation version that affects virtual machines (VM), hypervisors, operating system kernel memory, and System Management Mode (SMM) memory. SGX is a new feature in modern CPUs which allows computers to protect users’ data, even if the entire system falls under the attacker’s control.

Lowering Risks with RISC-V

Reduced Instruction Set Computing Five (RISC-V) is an open Instruction Set Architecture (ISA) designed with small, fast, and low-power real-world implementations in mind. It describes the way in which software talks to an underlying processor

A Rise in IoT Spending: Bain and Company’s Findings

According to a new report published by Bain and Company, the combined markets of the Internet of Things (IoT) will grow to about $520 billion in 2021, more than double the $235 billion spent in [...]

Data Breaches in Retail over the Last Two Years

Depending on the person doing the shopping, it can be either a relaxing or a stressful affair. The latter is certainly true for those who are concerned about security and personal information. Since January, 2017, [...]

The US Department of Homeland Security’s Guidelines for IoT Security

March of 2018 saw the United States Department of Defense (DoD) introduce a guidelines document through the Government Accountability Office (GAO) titled Enhanced Assessment and Guidance are Needed to Address Security Risks in DoD. Two [...]

Introducing the Rambus CryptoManager Root of Trust (CMRT)

Taking a closer look: The Rambus CMRT The recent Meltdown and Spectre vulnerabilities illustrate the critical need for a new generation of devices that execute sensitive security functions in a secure core which is physically [...]

Mind the gap (in security): The UK’s IoT guidelines

As part of its ongoing, five-year 1.9 billion pound security initiative, the United Kingdom (UK) government is planning to introduce new cybersecurity measures to better address Internet of Things (IoT) products that are online around [...]

Let’s talk about securing the edge

Earlier this month, Jeff Dorsch of Semiconductor Engineering wrote an article about securing the network edge. According to Dorsch, microcontrollers, sensors and other devices that “live” at the edge of the Internet must be protected [...]

The US SEC’s guidelines to IoT security

As discussed previously on Rambus Press, Internet of Things (IoT) devices typically have a number of vulnerabilities. Indeed, a United States Department of Defense report found that there is little to no incentive for IoT device [...]

The US DoD’s approach to IoT security

The United States Department of Defense (DoD) has identified several Internet of Things (IoT) scenarios that underscore the need for strong cybersecurity measures. One scenario, highlighted in a July 2017 report issued by the Government [...]

Living in a post-Meltdown and Spectre world


Paul Kocher talks Meltdown and Spectre Last month, SiFive hosted a seminar that featured senior Rambus technology advisor Paul Kocher. During the seminar, Kocher discussed a number of security related topics, including side-channel (SCA) differential [...]

Understanding consumer IoT risks

Consumer IoT components increasingly targeted by attackers Earlier this month, the National Institute of Standards and Technology (NIST) published a document titled “Draft Report on International IoT Cybersecurity Standardization (PDF).” The report – which examines [...]

Building practical IoT security to preempt tomorrow’s cyberattacks

On March 15th, ABI Research and Rambus will host a webinar titled “Building practical IoT security to preempt tomorrow’s cyberattacks.” The webinar will be presented by Michela Menting, Research Director at ABI Research and Asaf Ashkenazi, [...]

Rambus is @ MWC 2018!

, ,

MWC 2018 kicks off today in Barcelona! We’re at booth #7J31 (Hall 7) in the Fira Barcelona Gran Via, showcasing our CryptoManager IoT Security Service, Unified Payment Platform and a range of Smart Ticketing solutions. [...]

Rambus talks IoT security with Semiconductor Engineering

Chip-to-cloud security Kevin Fogarty of Semiconductor Engineering recently sat down with Asaf Ashkenazi, Rambus VP of IoT Security Products, to discuss security in the age of the Internet of Things. As Fogarty notes, Rambus is [...]

Rambus at CES 2018: Running with Cybertrust’s Hamon

Rambus and Cybertrust Corporation, a security services company based in Tokyo, will introduce a new user experience through the Rambus “CryptoManager™ IoT Security Service” and Cybertrust’s “Secure IoT Platform®” (SIOTP) for a wearable IoT total [...]

Siloing security: A response to Meltdown and Spectre

Earlier this week, Jann Horn of Google’s Project Zero published a detailed blog post titled “Reading privileged memory with a side-channel.” The post confirmed that CPU data cache timing can be exploited to efficiently leak [...]

Europe’s answer for IoT Security: Baseline security recommendations

While politicians in the United States have been discussing measures to tackle the oft-ignored but nevertheless growing issue of Internet of Things (IoT) security, similar measures are being discussed across the pond. On November, 2017, [...]

The Cyber Shield Act of 2017: A real solution to IoT security?

The 2010s have seen the internet manifest not only in phones, but in everyday products such as refrigerators, locks, thermostats, and even toys. However, with advances in technology comes more vulnerabilities. From glaring vulnerabilities in [...]

Cybertrust Japan selects Rambus CryptoManager IoT Security Service

Cybertrust Japan Co., Ltd, a subsidiary of SoftBank Technology Corp., has selected the Rambus CryptoManager IoT Security Service for its Cybertrust Secure IoT Platform, a comprehensive IoT platform-as-a-service (PaaS). As a leading provider of Public [...]

Rambus selects Codasip Studio for next-gen RISC-V security products

Next-gen Rambus RISC-V security products Last week, we confirmed the selection of Codasip Studio for the development of our next-generation RISC-V security products. According to Bret Sewell, SVP and general manager of the Rambus Security [...]

Rambus showcases IoT security and smart ticketing at Smart City Expo World Congress


We will be showcasing our CryptoManager IoT Security Service and smart ticketing solutions at the Smart City Expo World Congress on November 14-16, 2017, in Barcelona, Spain. Come visit us at booth #E545 (Hall 2) [...]

Securing the Industrial Internet of Things (IIoT)

Defining the IIoT Objects, sensors, actuators and controllers that were once designed for stand-alone operation are now increasingly connected by means of intelligent software and networks – forming the basis of the Industrial Internet of [...]

Rambus is @ escar Europe 2017


Written by Joe Gullo As we fast approach escar Europe in Berlin (November 7-8), our Rambus security team is reflecting on the continued and rapid evolution of the automotive space. For example, the trend towards [...]

Hack the planet: Security concerns about the IoT

IoT security concerns The 2010s has seen a proliferation of the Internet of Things (IoT) on a tremendous scale. According to Gartner, there are 8.4 billion smart devices in use in 2017, a number projected [...]

A holistic view of automotive security with FASTR and Rambus

Infographic: Opportunities for Research & Innovation The Future of Automotive Security Technology Research (FASTR) recently published an infographic that highlights its holistic view of vehicle security. As is illustrated in the infographic below, this includes [...]

IoT adoption outpaces security as cyber threats mount

The Internet Society (ISOC) has published a detailed report that highlights the “pressing need” for IoT security. According to the organization, connected devices add enormous complexity to an already complex security environment. Consequently, there is an [...]

The challenge of securing smart homes

Understanding smart homes Although there is little consensus regarding a specific definition, the “Internet of Things” generally refers to the multiple networks of devices (“things”) that communicate with each other via wired and wireless network [...]

The challenge of securing smart cities

Defining smart cities The U.S. Department of Homeland Security (DHS) defines smart cities as urban centers that integrate cyber-physical technologies and infrastructure to create environmental and economic efficiency while improving the overall quality of life. [...]

The importance of securing smart homes

Earlier this month, Rambus Sr. Director of Security Products Asaf Ashkenazi wrote an article for Semiconductor Engineering that discusses the importance of securing smart homes. As Ashkenazi notes, OEMs are inadvertently creating major security risks [...]

Rambus showcases IoT security, mobile payments and smart ticketing @ MWCA 2017

, ,

We will be showcasing our IoT security, mobile payment and smart ticketing solutions at Mobile World Congress Americas (MWCA 2017) in San Francisco on September 12-14, 2017. Come visit us at stand N.319 in Moscone’s [...]

Understanding the growing threat of medical cyberattacks

Depending on what you read or who you talk to, medical devices, along with hospital networks, fall into two categories: they are either woefully unprepared for a cyberattack, or designed and maintained by those who [...]

SiFive and Rambus to provide IP for the ‘DesignShare’ economy

SiFive has announced a collaborative partnership with Rambus. More specifically, the latter company’s security technology will be made available for use with SiFive’s Freedom platforms. This includes a hardware root-of-trust, cryptographic cores, key provisioning capabilities [...]

Can the IoT be immunized?

The Financial Times recently published an article that explores the dangers of an unsecured IoT ecosystem. As the article notes, human pandemics such as the Spanish Flu illustrate how poor cyber-health could potentially lead to a [...]

U.S. Senate legislation seeks to bolster federal IoT security

U.S. Sens. Mark R. Warner (D-VA) and Cory Gardner (R-CO), co-chairs of the Senate Cybersecurity Caucus, along with Sens. Ron Wyden (D-OR) and Steve Daines (R-MT), have introduced bipartisan legislation to bolster the security of [...]

British police official eyes security ratings for IoT-connected devices

A British police official has suggested that televisions, fridges and other internet-connected home appliances should carry a cyber security score alongside energy efficiency ratings. “Whenever you go into a store now you see fridges and [...]

Softbank Technology announces strategic IoT security partnership with Rambus

Softbank Technology, along with two of its subsidiaries, Cybertrust Japan and Miracle Linux Corporation, have announced a strategic partnership with Rambus. The partnership will see the three companies collaborate to bolster IoT security and device [...]

Devil’s Ivy haunts vulnerable IoT devices

Security researchers at Senrio have discovered a stack buffer overflow vulnerability (CVE-2017-9765) in the M3004 Axis Communications security camera. Dubbed “Devil’s Ivy,” the vulnerability, identified in an open source third-party code library, results in remote [...]