Researchers disclose major vulnerabilities in HSMs (Hardware Security Modules).
Two security researchers have recently revealed vulnerabilities that can be exploited remotely to retrieve sensitive data stored inside special computer components known as HSMs (Hardware Security Modules).
HSMs are hardware-isolated devices that use advanced cryptography to store, manipulate, and work with sensitive information such as digital keys, passwords, PINs, and various other sensitive information.
In the real world, they can take the form of add-in computer cards, network-connectable router-like devices, or USB-connected thumb drive-like gadgets. They are usually used in financial institutions, government agencies, data centers, cloud providers, and telecommunications operators.
While they've been a niche hardware component for almost two decades, they are now more common than ever, as many of today's "hardware wallets" are, basically, fancily-designed HSMs.
Remote attack discovered in one HSM brand
At a security conference in France this past week, two security researchers from
hardware wallet maker Ledger have disclosed details about several vulnerabilities in the HSM of a major vendor.
... ...
