InfoSec Faculty @ #CISPA. Side-channel attacks. Exploiting microarchitectures. #Meltdown #Spectre #ZombieLoad #SGX #JavaScript #Rowhammer
Joined March 2014
- Tweets 690
- Following 456
- Followers 7,181
- Likes 2,248
45 Photos and videos
Pinned Tweet
9 Jan 2024
Getting tenure was a great journey. I want to thank my students, collaborators, and colleagues for their help! This wouldn't have been possible without them.
19
1
70
8,758
Michael Schwarz retweeted
Apr 17
After an embargo of 256 days, I'm happy to reveal our newest work: we present TREVEX, a black-box CPU fuzzer that detects transient execution vulnerabilities in an automated manner. Running TREVEX on AMD, Intel, and Zhaoxin CPUs discovered multiple new CPU vulnerabilities!
1
63
316
30,216
Michael Schwarz retweeted
Jan 15
New StackWarp Attack Threatens Confidential VMs on AMD Processors securityweek.com/new-stackwa…
7
4
1,772
Michael Schwarz retweeted
Jan 15
We're [1] disclosing StackWarp, a CPU vulnerability allowing complete AMD SEV VM takeovers!
The project was lead by @Rayiizzz, who is also on the academic job market, so hit him up if u want research like this on your campus!
[1] @Rayiizzz, T. Hornetz, me, @fth0mas, @misc0110
1
4
7
989
Jan 15
StackWarp: A new CPU vulnerability affecting AMD SEV-SNP (Zen 1-5). A malicious host can manipulate the stack pointer inside the confidential virtual machine, breaking integrity and confidentiality guarantees.
/cc @Rayiizzz
stackwarpattack.com/
9
46
4,368
Michael Schwarz retweeted
Jan 15
Today we reveal StackWarp: a new CPU vulnerability exploiting a synchronization bug in AMD’s stack engine across Zen 1–5 CPUs. It enables deterministic manipulation of Confidential VM's stack pointer, allowing RCE and privilege escalation via both control- and data-flow hijacking
16
176
1,355
150,080
Michael Schwarz retweeted
Jan 15
New StackWarp Attack Threatens Confidential VMs on AMD Processors: Researchers have disclosed technical details on a new AMD processor attack that allows remote code execution inside confidential VMs.
The post New StackWarp Attack Threatens… securityweek.com/new-stackwa…
2
229
Michael Schwarz retweeted
Jan 14
I‘ll be joining the Microarchitecture Security Conference (uasc) in Leuven this February - come by and say hello. 👋
4
2
14
893
8 Sep 2025
Registration is open for MICSEC Winter School 2025 (Dec 1–5)!
An incredible week in side-channel and microarchitectural security with talks and hands-on sessions from world-class experts.
Register now: micsec.wp.imt.fr/
2
464
Michael Schwarz retweeted
12 Aug 2025
Thrilled to present our (Lukas G., @LTrampert ,Youheng L, @jovanbulck ,@misc0110) newest paper ("SCASE: Automated Secret Recovery via Side-Channel-Assisted Symbolic Execution") at #USENIX Security this week!
1/n
2
3
7
646
Michael Schwarz retweeted
20 May 2025
I am chairing the second edition of the microarchitecture security conference (uASC'26). Paper deadline for the first cycle is July 15. Please spread the word, submit, and/or join us in charming Leuven in February 2026! More info: uasc.cc
1
7
15
1,525
Michael Schwarz retweeted
23 Apr 2025
✅ Write constant-time crypto code
☠️ Compiler introduces timing side-channels
Do Compilers Break Constant-time Guarantees?
fc25.ifca.ai/preproceedings/…
TL;DR: Yes!🥲
👏👏👏Great work @misc0110 & team!
ALT oh yeah, oh no meme. oh yeah: "Implementing constant-time crypto algorithm." oh no: "Compiler introduces timing side-channels."
1
7
22
1,768
Michael Schwarz retweeted
3 Apr 2025
@LTrampert and I just gave a talk at Black Hat Asia showing how CSS can be abused to deanonymize you when opening an email!
cc: @BlackHatEvents #BHASIA25
1
1
1
328
Michael Schwarz retweeted
30 Mar 2025
Heading to Black Hat Asia now! @LTrampert and I will give a briefing about deanonymizing users not only on the web but also in their email clients! #BHASIA
3
5
578
Michael Schwarz retweeted
10 Feb 2025
The second #DIMVA25 deadline is upcoming: February 12 AoE. If you're planning to submit a paper, register it already: dimva.org/dimva2025/
DIMVA has a great community and is quite visible: 3 out of my 10 top cited papers are DIMVA papers!
Hope to see many of you in Austria!
1
5
6
1,337
Michael Schwarz retweeted
3 Feb 2025
github.com/google/security-r…
Our newest research project is finally public! We can load malicious microcode on Zen1-Zen4 CPUs!
12
270
800
123,946
Michael Schwarz retweeted
21 Jan 2025
The uASC registration is open now:
uasc.cc/
Also the uASC deadline is approaching: January 27 AoE.
We accept papers, posters, and talks. We have conference proceedings. We're interested in any insights broadly around microarchitecture security.
8
9
2,434
Michael Schwarz retweeted
5 Jan 2025
CFP for uASC 25 is still open. We have rolling reviews, and 1 submission is already accepted. If you have interesting results on microarchitecture security (incl. weak threat models or reproducing prior work), check out the CFP at uasc.cc
The CFP closes **Jan 28**
1
6
13
1,525
Michael Schwarz retweeted
11 Dec 2024
Super excited to present our (L. Niemann, @____salmon____, @jan__reineke, @misc0110) newest paper at #ACSAC2024! We show how modern CPU hardware can be leveraged to stop side-channel attacks almost instantly (~200 CPU cycles)!
Code/Paper: github.com/cispa/IRQGuard
2
14
59
4,176
Michael Schwarz retweeted
1 Dec 2024
Got some negative or unrealistic threat model results that still bring interesting insights? A side channel that requires root to leak something from the kernel? Reproducing prior work? Somewhat related to microarchitecture? Here's your venue: uasc.cc/
1
18
27
3,844
Michael Schwarz retweeted
28 Nov 2024
The first #ACSAC2024 #PaperPreview today is by Weber et al., who show that HW features can be used to stop #SideChannel #attacks almost immediately by monitoring the victim: openconf.org/acsac2024/modul…
#cybersecurity
@weber_daniel @____salmon____ @jan__reineke @misc0110 @cispa
ALT Weber et al.'s "No Leakage Without State Change: Repurposing Configurable Cpu Exceptions To Prevent Microarchitectural Attacks"
2
6
815