Security News

New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals
2022-07-19 11:09

A new method devised to leak information and jump over air-gaps takes advantage of Serial Advanced Technology Attachment or Serial ATA cables as a communication medium, adding to a long list of electromagnetic, magnetic, electric, optical, and acoustic methods already demonstrated to plunder data. "Although air-gap computers have no wireless connectivity, we show that attackers can use the SATA cable as a wireless antenna to transfer radio signals at the 6GHz frequency band," Dr. Mordechai Guri, the head of R&D in the Cyber Security Research Center in the Ben Gurion University of the Negev in Israel, wrote in a paper published last week.

Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers
2022-06-13 12:36

Researchers warn Bluetooth signals can be used to track device owners via a unique fingerprinting of the radio signal. The paper suggests that minor manufacturing imperfections in hardware are unique with each device, and cause measurable distortions which can be used as a "Fingerprint to track a specific device".

Threat and risk specialists signal post-COVID conference season is back on
2022-06-10 19:25

For the first time in over two years the streets of San Francisco have been filled by attendees at the RSA Conference and it seems that the days of physical cons are back on. The security conference trade has been more cautious than most when it comes to getting conferences back up to speed in the COVID years.

Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones
2022-06-10 07:53

A new research undertaken by a group of academics from the University of California San Diego has revealed for the first time that Bluetooth signals can be fingerprinted to track smartphones. "To perform a physical-layer fingerprinting attack, the attacker must be equipped with a Software Defined Radio sniffer: a radio receiver capable of recording raw IQ radio signals," the researchers said in a new paper titled "Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices."

Attackers Can Use Electromagnetic Signals to Control Touchscreens Remotely
2022-05-27 07:42

GhostTouch, as it's called, "Uses electromagnetic interference to inject fake touch points into a touchscreen without the need to physically touch it," a group of academics from Zhejiang University and Technical University of Darmstadt said in a new research paper. The core idea is to take advantage of the electromagnetic signals to inject fake touch events such as taps and swipes into targeted locations of the touchscreen with the goal of taking over remote control and manipulating the underlying device.

Twitter's New Owner Elon Musk Wants DMs to be End-to-End Encrypted like Signal
2022-04-28 02:57

Elon Musk, CEO of SpaceX and Tesla and Twitter's new owner, on Thursday called on adding support for end-to-end encryption to the platform's direct messages feature. "Twitter DMs should have end to end encryption like Signal, so no one can spy on or hack your messages," Musk said in a tweet.

URL rendering trick enabled WhatsApp, Signal, iMessage phishing
2022-03-25 15:51

A rendering technique affecting the world's leading messaging and email platforms, including Instagram, iMessage, WhatsApp, Signal, and Facebook Messenger, allowed threat actors to create legitimate-looking phishing messages for the past three years. The vulnerabilities are rendering bugs resulting in the apps' interface incorrectly displaying URLs with injected RTLO Unicode control characters, making the user vulnerable to URI spoofing attacks.

Signal vs. Wire: Compare messaging app privacy and security
2022-03-23 20:13

Signal vs. Wire: Compare messaging app privacy and security We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Both Signal and Wire offer stronger security measures than system default messaging solutions, such as Google Messages, Apple's iMessage or Microsoft's Skype.

Signal CEO Resigns, WhatsApp Co-Founder Takes Over as Interim CEO
2022-01-13 22:41

Moxie Marlinspike, the founder of the popular encrypted instant messaging service Signal, has announced that he is stepping down as the chief executive of the non-profit in a move that has been underway over the last few months. "In other words, after a decade or more, it's difficult to overstate how important Signal is to me, but I now feel very comfortable replacing myself as CEO based on the team we have, and also believe that it is an important step for expanding on Signal's success," Marlinspike said in a blog post on Monday.

Signal CEO Moxie Marlinspike resigns, leaves WhatsApp co-founder to run things until a successor is named
2022-01-11 01:02

Moxie Marlinspike, the creator of the Signal secure messaging app, on Monday announced his resignation as CEO of the company. Marlinspike said he had always intended to grow Signal to the point that it could go on without his direct involvement but that wasn't possible as recently as four years ago when he was writing most of the code, managing employees, and personally handling support.