COMSEC has two presentations this week at the annual USENIX Security conference.
CellIFT shows a novel approach for scalable Information Flow Tracking (IFT) in RTL. CellIFT is open source and ready to be used on in many new projects that can benefit from IFT, such as finding hardware vulnerabilities.
Retbleed shows that return instructions leak information in speculative execution which means that certain deployed mitigations against Spectre have unfortunately been incomplete.Intel gave Retbleed a bounty reward and AMD offered swags since they do not yet have a bounty program!