InfoSecBulletin Cybersecurity for mankind
“At the upcoming Black Hat cybersecurity conference in Las Vegas, Sam Beaumont and Larry ‘Patch’ Trowell from NetSPI, a security firm, will showcase their new laser hacking device, the RayV Lite.
They intend to release the design and component list of their tool as open source, enabling anyone to access laser-based techniques for reverse engineering chips, exploiting vulnerabilities, and uncovering secrets. These methods were historically limited to researchers affiliated with well-funded companies, academic labs, and government agencies.”
FBI investigating cyberattack at Oracle, Bloomberg News reports
OpenAI Offering $100K Bounties for Critical Vulns
Splunk Alert User RCE and Data Leak Vulns
CIRT alert Situational Awareness for Eid Holidays
Cyberattack on Malaysian airports: PM rejected $10 million ransom
Micropatches released for Windows zero-day leaking NTLM hashes
VMware Patches Authentication Bypass Flaw in Windows Tool
IngressNightmare
Over 40% of cloud environments are vulnerable to RCE
(CVE-2025-29927)
Urgently Patch Your Next.js for Authorization Bypass
Oracle refutes breach after hacker claims 6 million data theft
Advanced tools for using light for hacking, like the Riscure Laser Station, usually cost around $150,000, and even cheaper versions are close to $10,000. However, Beaumont and Trowell managed to build their own for less than $500 using 3D printing and affordable parts.
The creators aim to show that laser-based hacking techniques are more accessible than many hardware designers think. They want to make it clear that these methods are now more affordable and practical. They hope to give DIY hackers and researchers a new tool while also pushing hardware manufacturers to improve their product’s security against this type of hacking.
The RayV Lite was created by Beaumont and Trowell with a focus on two laser hacking methods. One method, called laser fault injection (LFI), involves using a short burst of light to disrupt the charges of a processor’s transistors. This can cause the bits to change from 1 to 0 or vice versa. By carefully triggering these bit flips, more significant effects can occur. For example, Beaumont tested an automotive chip and discovered that glitching the chip with a laser at a specific moment can bypass a security check that protects the chip’s firmware. This leaves the chip vulnerable and allows her to scan its code for potential weaknesses.
Cryptocurrency wallets can also be vulnerable to LFI, which involves glitching the chip when it asks for a PIN to unlock the cryptographic key and access the owner’s funds. “You take the chip off the crypto wallet, hit it with a laser at the right time, and it will just assume you have the PIN,” says Trowel. “It just jumps through the instructions and gives the key back.”
Laser logic state imaging is a hacking technique that involves using a laser to surveil a chip’s architecture and activity in real time. By bouncing laser light off the chip and analyzing the results, hackers can map out the physical layout of the processor and access sensitive data that the chip is handling. This technique often involves the use of machine learning tools. Full report here.
Source: :Wired
