hacking – Page 20 – SSL and internet security news

Another Bloomberg Story about Supply-Chain Hardware Attacks from China

October 11, 2018 infossl

china, hacking, hardware, implants, Security technology, surveillance

Bloomberg has another story about hardware surveillance implants in equipment made in China. This implant is different from the one Bloomberg reported on last week. That story has been denied by pretty much everyone else, but Bloomberg is sticking by its story and its sources. (I linked to other commentary and analysis here.) Again, I … Read More “Another Bloomberg Story about Supply-Chain Hardware Attacks from China” »

New Variants of Cold-Boot Attack

September 24, 2018 infossl

firmware, hacking, hardware, operatingsystems, Security technology

If someone has physical access to your locked — but still running — computer, they can probably break the hard drive’s encryption. This is a “cold boot” attack, and one we thought solved. We have not: To carry out the attack, the F-Secure researchers first sought a way to defeat the the industry-standard cold boot … Read More “New Variants of Cold-Boot Attack” »

Security Risks of Government Hacking

September 13, 2018 infossl

backdoors, hacking, lawenforcement, nationalsecuritypolicy, Security technology

Some of us — myself included — have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. They include: Disincentive for vulnerability disclosure Cultivation of a market for surveillance tools Attackers co-opt hacking tools over which … Read More “Security Risks of Government Hacking” »

Using Hacked IoT Devices to Disrupt the Power Grid

September 11, 2018 infossl

academicpapers, botnets, hacking, infrastructure, internetofthings, Security technology, vulnerabilities

This is really interesting research: “BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid“: Abstract: We demonstrate that an Internet of Things (IoT) botnet of high wattage devices — such as air conditioners and heaters — gives a unique ability to adversaries to launch large-scale coordinated attacks on the power grid. In … Read More “Using Hacked IoT Devices to Disrupt the Power Grid” »

Using a Smartphone’s Microphone and Speakers to Eavesdrop on Passwords

September 5, 2018 infossl

authentication, cellphones, hacking, passwords, phones, Security technology, sidechannelattacks

It’s amazing that this is even possible: “SonarSnoop: Active Acoustic Side-Channel Attacks“: Abstract: We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used … Read More “Using a Smartphone’s Microphone and Speakers to Eavesdrop on Passwords” »

Hacking Police Bodycams

August 15, 2018 infossl

computersecurity, hacking, police, privacy, Security technology, vulnerabilities

Suprising no one, the security of police bodycams is terrible. Mitchell even realized that because he can remotely access device storage on models like the Fire Cam OnCall, an attacker could potentially plant malware on some of the cameras. Then, when the camera connects to a PC for syncing, it could deliver all sorts of … Read More “Hacking Police Bodycams” »

Hacking the McDonald’s Monopoly Sweepstakes

August 6, 2018 infossl

fraud, games, hacking, Security technology

Long and interesting story — now two decades old — of massive fraud perpetrated against the McDonald’s Monopoly sweepstakes. The central fraudster was the person in charge of securing the winning tickets. Powered by WPeMatico

How the US Military Can Better Keep Hackers

August 3, 2018 infossl

cybersecurity, hacking, military, Security technology

Interesting commentary: The military is an impossible place for hackers thanks to antiquated career management, forced time away from technical positions, lack of mission, non-technical mid- and senior-level leadership, and staggering pay gaps, among other issues. It is possible the military needs a cyber corps in the future, but by accelerating promotions, offering graduate school … Read More “How the US Military Can Better Keep Hackers” »

Hacking a Robot Vacuum

July 31, 2018 infossl

eavesdropping, hacking, physicalsecurity, privacy, robotics, Security technology, surveillance

The Diqee 360 robotic vacuum cleaner can be turned into a surveillance device. The attack requires physical access to the device, so in the scheme of things it’s not a big deal. But why in the world is the vacuum equipped with a microphone? Powered by WPeMatico

Gas Pump Hack

July 13, 2018 infossl

cars, cybercrime, hacking, physicalsecurity, Security technology, theft

This is weird: Police in Detroit are looking for two suspects who allegedly managed to hack a gas pump and steal over 600 gallons of gasoline, valued at about $1,800. The theft took place in the middle of the day and went on for about 90 minutes, with the gas station attendant unable to thwart … Read More “Gas Pump Hack” »