The Swiss security research firm Modzero just published a report documenting a grave flaw in HP laptops: an audio-driver made by Conexant that captures every keystroke (to detect volume up/down and mute-button presses) and saves them to an unencrypted file on the local system, which can then be exfiltrated via a debugging API that allows remote parties to see every keystroke in realtime.
At least 28 models of HP laptop are vulnerable.
According to researchers, the keylogger feature was discovered in the Conexant HD Audio Driver Package version 188.8.131.52 and earlier.
This is an audio driver that is preinstalled on HP laptops. One of the files of this audio driver is MicTray64.exe (C:\windows\system32\mictray64.exe).
This file is registered to start via a Scheduled Task every time the user logs into his computer. According to modzero researchers, the file "monitors all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkeys."
Security Advisory: Unintended/Covert Storage Channel for
sensitive data in Conexant HD Audio Driver Package. [Modzero]
Keylogger Found in Audio Driver of HP Laptops
[Catalin Cimpanu/Bleeping Computer]
At Defcon, Tencent's Wu HuiYu and Qian Wenxiang presented Breaking Smart Speakers: We are Listening to You, detailing their work in successfully exploiting an Amazon Alexa speaker, albeit in a very difficult-to-achieve fashion.
Josh Mitchell's Defcon presentation analyzes the security of five popular brands of police bodycams (Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc) and reveals that they are universally terrible, though the Digital Ally models are the least bad of the batch, as Wired's Lily Hay Newman reports.
Adam Guerbuez is a cryptocurrency evangelist whose Youtube channel is full of videos promoting cryptocurrency trading; when he got a Twitter message from a scammer promising to send him free Ethereum coins, he asked the scammer if they could talk about the scam.
Traveling isn’t always the most comfortable experience, but at least you have your music to keep you company on those long flights. That is, until your chatty neighbor and that crying baby three seats over drown out your playlist. These Paww WaveSound 3 Noise-Cancelling Bluetooth Headphones block up to 20 decibels of audio, so you can […]
SEO can be a fickle creature, but it can work in your favor—you just need the right tools. When it comes to getting your site on that coveted first page of Google, SERPstash Premium simplifies the process with 21 user-friendly tools designed to break down your page’s performance and show you where you can improve. Lifetime […]
Running a Shopify store is a great way to net some extra cash on the side or—if you really know what you’re doing—replace your 9-to-5 altogether. However, success doesn’t come naturally, and newcomers tend to receive mixed results when starting on their own. This E-Commerce Bootcamp can help start your Shopify venture off on the right […]