The Swiss security research firm Modzero just published a report documenting a grave flaw in HP laptops: an audio-driver made by Conexant that captures every keystroke (to detect volume up/down and mute-button presses) and saves them to an unencrypted file on the local system, which can then be exfiltrated via a debugging API that allows remote parties to see every keystroke in realtime.
At least 28 models of HP laptop are vulnerable.
According to researchers, the keylogger feature was discovered in the Conexant HD Audio Driver Package version 22.214.171.124 and earlier.
This is an audio driver that is preinstalled on HP laptops. One of the files of this audio driver is MicTray64.exe (C:\windows\system32\mictray64.exe).
This file is registered to start via a Scheduled Task every time the user logs into his computer. According to modzero researchers, the file "monitors all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkeys."
Security Advisory: Unintended/Covert Storage Channel for
sensitive data in Conexant HD Audio Driver Package. [Modzero]
Keylogger Found in Audio Driver of HP Laptops
[Catalin Cimpanu/Bleeping Computer]
When security researchers report on the ghastly defects in voting machines, the officials who bought these machines say dismiss their concerns by saying that the tamper-evident seals they put around the machines prevent bad guys from gaining access to their internals.
Medtronic (previously) is a notoriously insecure medical implant manufacturer whose devices have been repeatedly shown to be grossly insecure -- their pacemakers can be hacked before leaving the factory!
Donalddaters.com is an app for people who want to have sex with white supremacists; it launched today and promptly leaked all 1600 of its users' data: "users' names, profile pictures, device type, their private messages — and access tokens, which can be used to take over accounts."
Speed reading isn’t just an innate skill possessed by a lucky few. Anyone can learn to speed read, and the benefits are endless. The brain can process more information than most people have time to soak up, but you can make that time now with the 2018 Award-Winning Speed Reading Bundle. The first half of […]
Sure, you could use the same old PowerPoint templates for your next business presentation. It’s not like you have bosses or investors to impress. Oh wait, you do? Time to augment that slideshow with Slideshop – the presentation tool that can individualize your pitch while saving you time. Compatible with PowerPoint, Keynote and Google Slides, […]
Multinational companies have used the no-nonsense methodologies of Six Sigma and Lean Six Sigma to oil a smooth-running operation for years. What is it? Six Sigma (and its offshoot, Lean Six Sigma) apply the principles of science to business, teaching managers to methodically target waste, maximize output and streamline the flow from producer to consumer. […]