Michael Mouchous
@mickm111
Paris, France
Joined July 2009
What if a hacker could gain total control of your smartphone, not via malware, but the hardware itself? The @DonjonLedger discovered a potentially unpatchable flaw impacting MediaTek Dimensity 7300 - a popular Android phone SoC - enabling arbitrary code execution in minutes.
The absolute highlight? An exclusive tour of the *Ledger Donjon* 🛡️. This is Ledger's top-secret lab where their white-hat hackers relentlessly attack their own hardware (and competitors') using side-channel attacks, fault injection, and more. Their goal: Find vulnerabilities
Struggling to explore waveforms with millions of points? Discover TurboPlot ⚡ 👉 https://t.co/8qtvylIaCY
🚨At Ledger Donjon, we don’t just secure our own products, we help make the entire crypto ecosystem safer. As part of our ongoing security research and responsible disclosure efforts, we identified an important vulnerability in Tangem’s Android app. 👇🧵
Security leaves no room for error: a single variable mishandled, and the entire security model can collapse. We're excited to share an illustration of this through our recent research on the Tangem card. Big thanks to the @Tangem team for their responsiveness and collaboration!
DevOps practices are all well and good, but beware of the configuration of the tools that access your production. Find out more about Argo CD misconfiguration in this new blog post. ⏬ https://t.co/56FTTAuR3C
#argocd #security #devops #devsecops
ledger.com
Despite such a strong security posture, Argo CD can be configured in ways that create vulnerabilities. This article studies two examples where Argo CD is deployed in a way which unexpectedly enabled...
Last week at @hardwear_io NL 2024, we showcased some of the attack tools we use in the Donjon, and a live demo of a double fault injection ⚡️⚡️ with the transportable laser bench! Our tools are open-source and presented on our webpage: https://t.co/ulu1YsAxZu
🔬 Live Fault Injection Demonstration! Join @mickm111 at #hw_ioNL2024 as he showcases a lightweight test bench utilizing laser injection and simple optical hardware. See fault injection methodology in action 🤓⚙️ 👉 https://t.co/aHPpdlCpST
#faultinjection #hardware #donjon
This week the Donjon brought its transportable laser bench to the https://t.co/xrCRQEAv2a conference in Rennes by train 🚄. A proof that a functional Laser Fault Injection bench is not that impossible to see anywhere. Next step in the Village @hardwear_io NL 2024 conference!
During the next @hardware_io conference, @DonjonLedger will showcase tools developed and used for Fault Injection Attacks! Pass by in the Village to see a part of our Tool Suite: Scaffold, Silicon Toaster, Laser Studio, QuickLog, Curmea… operating on our transportable laser bench!
Unlock new levels of precision with hardware tools such as Scaffold, Silicon Toaster, and Curmea! 🛠️✨ Ideal for precise perturbations in operations including current regulations, signal generation, process disruption. Join @mickm111 at #hw_ioNL2024 👉 https://t.co/aHPpdlCpST
Ledger will be in Nashville for @TheBitcoinConf this week! We’re eager to spend a week fully immersed in the Bitcoin world, with leading speakers, educators, and inspiring keynotes. Stay tuned for an exciting announcement of our own! Scroll down to learn more about how you can
Exciting news from @DonjonLedger! Introducing cargo-checkct, our cutting-edge tool to protect against timing attacks. Curious about what timing attacks are & why typical solutions don’t quite cut it in crypto? Dive into our latest article to learn more!
ledger.com
The Ledger Donjon team is thrilled to present cargo-checkct, our in-house tool designed to defend against timing attacks. In this article, we'll delve into the concept of timing attacks, explore why...
We are thrilled to have open-sourced cargo-checkct, to help bridge the gap between academic research and industry practices for the early detection of timing vulnerabilities in cryptography libraries. Read more about it in our blog post.
Don't let the bull run away with your beer, catch it with NanOpener - the bulles market's best friend! https://t.co/YkIWHPm7dT
The wait is officially OVER. Our brand new #ledgerplex in @thesandboxgame is live! Let the learning commence!
Ever wondered about the basics of side-channel attacks? In the late @MISCRedac edition (in French), you can learn the underlying principles of such threats, and discover how to use our 🌈 Rainbow tool to assess the security of your code!
github.com
Makes Unicorn traces. Generic Side-Channel and Fault Injection simulator - Ledger-Donjon/rainbow
Side-channel attacks are dissected in our new issue, on newsstands starting today & also available at https://t.co/xbXlwCjoE9
#sidechannelattack #crypto
Olivier will be present in https://t.co/QsHhtdEuyU next week to present his huge work on the ATECC608B: a Triple Exploit Chain done with our laser benches in the @DonjonLedger! #hw_ioNL2023 #hardwaresecurity #Conference
⚡Laser #FaultInjection on a Secure Element! 🔎Olivier Heriveaux discovered a new vulnerability in the newly released Microchip ATECC608B, allowing an attacker to extract internal EEPROM masking keys. Know more ➡️ https://t.co/Xo0HEmYPF3
#hw_ioNL2023 #hardwaresecurity #Conference
The video of the presentation on the hardware vulnerability identification (T-test) and exploitation (double laser fault injection) is finally out! You can view it there: https://t.co/mHwhM2YSTA
Donjon is going Deeper! This weekend at FDTC2023 in Prague, Karim Abdellatif (@k15ab_ ) and Olivier Hériveaux presented their findings on DeepCover DS28C36 thanks to the usage of T-test and Double Laser Fault Injection. Check out their presentation slides: https://t.co/IfjEKlbnCD
"Security is not static, it is a journey - you always try to break your own product, and that forms the foundation of what you are going to work on next." -@p3b7_ Check out @danheld's security journey to the @donjonledger with our CTO @p3b7_.
Podcast 🎙️ The Laws of Stan - Understanding the Mathematics behind Blockchain https://t.co/Y4CHWYnzMk