Ben Gurion university's Mordechai Guri is a master exfiltrator, a computer scientist who's devised a bewildering array of innovative techniques for getting data off of "airgapped" computers that have been fully disconnected from any kind of network.
Read the rest
Radiflow reports that they discovered cryptojacking software -- malware that mines cryptocurrency -- running in the monitoring and control network of an unnamed European water utility, the first such discovery, and a point of serious concern about the security and integrity of critical infrastructure to both targeted and untargeted attacks.
Read the rest
Martin Kirkholt Melhus's workplace bans connecting his development computer to the internet, so he hacked together a modem using HTML5: by plugging over-the-ear headphones into his laptop's 3.5mm audio jack and then placing the headphones over a network-connected built-in mic, he is able to tunnel a network connection outside the firewall (or that's the theory; as he notes, "This was only ever intended as a gimmick and a proof of concept - not something that I would actually use at work.") Read the rest
In a new paper, researchers from Ben-Gurion University demonstrate a fiendishly clever procedure for getting data off of airgapped computers that have had their speakers removed to prevent acoustic data-transmission: instead of playing sound through the target computer's speakers, they attack its fans, varying their speeds to produce subtle sounds that humans can barely notice, but which nearby devices can pick up through their microphones. Read the rest