GhostWrite, a new CPU vulnerability, compromises the integrity of T-Head’s “XuanTie C910” RISC-V CPU. Discovered by CISPA researchers, GhostWrite grants unprivileged users read-and-write access to physical memory on the C910 #cpusecurity #cispa nachrichten.idw-online.de/2024/08/07/cpu…

Exciting work from my newest PhD Fabian Thomas! He just started at the beginning of the year, and this was his first project in his PhD. If you are Black Hat, don't miss his talk starting in 10 minutes!

A new critical CPU vulnerability is discovered: #GhostWrite. Affects T-Head XuanTie C910 RISC-V CPU. Allows reading and writing arbitrary physical memory. The only mitigation is disabling half of the instruction set; the performance penalty is up to 77%. ghostwriteattack.com

SCMagazine: A pair of researchers told #BHUSA attendees of a vulnerability they uncovered dubbed "GhostWrite," capable of allowing an attacker to pull memory contents from RISC-V International chips. #BlackHat2024 #cybersecurity #infosec #ITsecurity bit.ly/3yklRwx

Had a nice talk about #GhostWrite today together with @hetterichlorenz at #BHUSA. Our demos included reading arbitrary memory and escalating privileges. Further, we showed how #GhostWrite can interact with physical devices. Stay tuned for the recording. ghostwriteattack.com

Want to learn how to get root on the T-Head C910 #RISCV CPU within seconds? Visit our website ghostwriteattack.com covering the #GhostWrite vulnerability. #BlackHat #BHUSA

The first #DIMVA25 deadline is on December 4. Check out the CFP: dimva.org/dimva2025/

The first #ACSAC2024 #PaperPreview today is by Weber et al., who show that HW features can be used to stop #SideChannel #attacks almost immediately by monitoring the victim: openconf.org/acsac2024/modu… #cybersecurity Daniel Weber @____salmon____ Jan Reineke Michael Schwarz Cispa (degen)

Got some negative or unrealistic threat model results that still bring interesting insights? A side channel that requires root to leak something from the kernel? Reproducing prior work? Somewhat related to microarchitecture? Here's your venue: uasc.cc

Super excited to present our (L. Niemann, @____salmon____, Jan Reineke, Michael Schwarz) newest paper at #ACSAC2024! We show how modern CPU hardware can be leveraged to stop side-channel attacks almost instantly (~200 CPU cycles)! Code/Paper: github.com/cispa/IRQGuard

CFP for uASC 25 is still open. We have rolling reviews, and 1 submission is already accepted. If you have interesting results on microarchitecture security (incl. weak threat models or reproducing prior work), check out the CFP at uasc.cc The CFP closes **Jan 28**

The uASC registration is open now: uasc.cc Also the uASC deadline is approaching: January 27 AoE. We accept papers, posters, and talks. We have conference proceedings. We're interested in any insights broadly around microarchitecture security.

github.com/google/securit… Our newest research project is finally public! We can load malicious microcode on Zen1-Zen4 CPUs!

The second #DIMVA25 deadline is upcoming: February 12 AoE. If you're planning to submit a paper, register it already: dimva.org/dimva2025/ DIMVA has a great community and is quite visible: 3 out of my 10 top cited papers are DIMVA papers! Hope to see many of you in Austria!

Heading to Black Hat Asia now! Leon Trampert and I will give a briefing about deanonymizing users not only on the web but also in their email clients! #BHASIA

Leon Trampert and I just gave a talk at Black Hat Asia showing how CSS can be abused to deanonymize you when opening an email! cc: Black Hat #BHASIA25

✅ Write constant-time crypto code ☠️ Compiler introduces timing side-channels Do Compilers Break Constant-time Guarantees? fc25.ifca.ai/preproceedings… TL;DR: Yes!🥲 👏👏👏Great work Michael Schwarz & team!

I am chairing the second edition of the microarchitecture security conference (uASC'26). Paper deadline for the first cycle is July 15. Please spread the word, submit, and/or join us in charming Leuven in February 2026! More info: uasc.cc

Thrilled to present our (Lukas G., Leon Trampert ,Youheng L, Jo Van Bulck ,Michael Schwarz) newest paper ("SCASE: Automated Secret Recovery via Side-Channel-Assisted Symbolic Execution") at #USENIX Security this week! 1/n

Registration is open for MICSEC Winter School 2025 (Dec 1–5)! An incredible week in side-channel and microarchitectural security with talks and hands-on sessions from world-class experts. Register now: micsec.wp.imt.fr