🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

I am basically giving away 30 #PicoGlitcher because of a manufacturing error. This is the cheapest way to get into voltage glitching: tindie.com/products/fault…

Released new version of #findus: - Fixed schematics for Pico Glitcher v2.3 (latest hardware version is now 2.4) - Fixed Pico Glitcher firmware to support hardware version 2.3 and later - full release notes: github.com/MKesenheimer/f…

#findus version 1.7.0 released: - Reworked the power-cycling methods - Now the pulse-shaping stage (also the multiplexing stage) can be used to power-cycle the target - Added methods to control the output of the pulse-shaping stage when not glitching github.com/MKesenheimer/f…

This is how it looks if research is done with the #PicoGlitcher on two targets simultaneously :D

New version of #findus and #PicoGlitcher released: - Added functions to re-initialize the Pico Glitcher during a run - Removed unnecessary code - Added a function to switch to a different statemachine on the RP2030. github.com/MKesenheimer/f…

I’m working on voltage glitching the Trezor One crypto wallet with the latest firmware installed. I can get down to RDP-0 from RDP-2 and read out the complete flash memory and potentially the recovery keys. Performed with the #PicoGlitcher.

#findus 1.10.4 released - Added a function to generate heat maps with the analyzer tool. This is helpful to search for hotspots in the parameter space. For example: ``` analyzer --directory databases --auto-update 60 --heatmap --x-bins 15 --y-bins 15 ```

My colleague Matthias Kesenheimer was successful with some more voltage glitching and electromagnetic fault injection attacks and published one security advisory for the STM32L051 and one for the nRF54L15 today. You can find a short German blog article here: syss.de/pentest-blog/f…

The two security advisories SYSS-2025-022 and SYSS-2025-033 are available here: syss.de/fileadmin/doku… syss.de/fileadmin/doku… And I also recommend checking out his fault injection project with Pico Glitcher and findus: fault-injection-library.readthedocs.io/en/stable/

#findus 1.11.0 released: - Added a function to generate two fully configurable pulses with the crowbar stage (arm_double) - This could be used to double-glitch a target - configuration is similar as for the multiplexing method github.com/MKesenheimer/f…

As announced yesterday, the blog article by my colleagues Stefan Walter and Daniel Isern with further technical details concerning the Windows SMB security vulnerability CVE-2025-33073 is now published. blog.syss.com/posts/kerberos…

Florian Roth ⚡️ Here is yet another blog article about CVE-2025-33073: blog.syss.com/posts/kerberos…

Today I sold the 300. Pico Glitcher! Thank you for all the support and the interest in this product! This device proofed to be useful in so many fault injection attempts. I am working with it nearly every day and still improving it. tindie.com/products/fault…

A new tech blog article by my colleague Matthias Kesenheimer about an electromagnetic fault injection attack against an nRF54L15 by Nordic Semiconductor is now also online. If you want to know more about EMFI or the security issue SYSS-2025-022 have a look: blog.syss.com/posts/nrf54-em…

Two blog articles about fault injection vulnerabilities of the nRF54L15 and the stm32l051 released: blog.syss.com/posts/voltage-… blog.syss.com/posts/nrf54-em… Check them out!

COROS has confirmed a substantial set of security vulnerabilities, impacting not just the watch, but COROS online account as well. These were initially spotted by security researcher Moritz Abrell and I've confirmed they impact all devices. Full details: dcrainmaker.com/2025/06/coros-…

There is a great YouTube video by Ray Maker about this issue now! Thanks for bringing attention to this very nice work by my colleague. youtube.com/watch?v=Iqd6sq…

Introduction to Voltage Glitching (STM32L051 microcontroller) blog.syss.com/posts/voltage-… Credits Matthias Kesenheimer #hardware #infosec

Good news! I was invited as a speaker at this year’s conference Hacktivity in Budapest: hacktivity.com I will speak about my recent research on voltage glitching the STM32L05 and electromagnetic fault-injection of the nRF54L15. Hope to see you there!

Holiday sale! The #PicoGlitcher is for sale for the next three weeks. Use code 330A3E30 to get 10% off. tindie.com/products/fault…