Using a hardware security device (e.g. USB cryptowallet)? You’ll probably want to check if any updates are available…:
The duo, made up by Gabriel Campana and Jean-Baptiste Bédrune, said they reported the findings to the HSM maker, which “published firmware updates with security fixes.”
The two did not name the vendor, but the team behind the Cryptosense security audit software pointed out that the vendor may be Gemalto, which issued a security update last month for its Sentinel LDK, an API for managing hardware keys on HSM components.
Here is the original paper (in french) for this talk: https://t.co/WpMn6ogrSG The HSM vendor is not disclosed, but its SDK apparently uses a struct named CK_BIP32_CHILD_DERIVE_PARAMS… https://t.co/IFABDlCwFx
— sam280 (@sam280) June 7, 2019