Security News
Covert Wi-Fi signals generated by DDR SDRAM hardware can be leveraged to exfiltrate data from air-gapped computers, a researcher claims. In a newly published paper, Mordechai Guri from the Ben-Gurion University of the Negev in Israel details AIR-FI, a new data exfiltration technique in which malware installed on a compromised air-gapped system can generate Wi-Fi signals that a nearby device intercepts and sends to the attacker, over the Internet.
A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel-surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems. Dubbed "AIR-FI," the attack hinges on deploying a specially designed malware in a compromised system that exploits "DDR SDRAM buses to generate electromagnetic emissions in the 2.4 GHz Wi-Fi bands" and transmitting information atop these frequencies that can then be intercepted and decoded by nearby Wi-Fi capable devices such as smartphones, laptops, and IoT devices before sending the data to remote servers controlled by an attacker.
Guidewire Software announced a new Remote Desktop Protocol, Exposure Signal, for its Guidewire Cyence for Cyber product. Cyberattacks against Internet-exposed RDP servers are surging, and Exposure Signal is designed to detect on-demand whether a company's RDP has been exposed to the internet and a potential cyberattack.
As the economic fallout of the COVID-19 crisis continues to unfold, a research from Next Caller, reveals the pervasive impact that COVID-related fraud has had on Americans, as well as emerging trends that threaten the security of contact centers, as we head towards what may be another wave of call activity. Rising reports of fraud activity signal not only that fraudsters are eager to replicate their initial success, but that some of those early schemes may just be getting started.
Content delivery network provider Fastly announced on Thursday that it has agreed to acquire web application security firm Signal Sciences for approximately $775 million in cash and stock. Founded in 2014, California-based Signal Sciences provides web application firewall and runtime application self-protection technologies designed to protect applications, APIs and microservices.
Chinese state security agencies will also operate in Hong Kong for the first time, and the local police force will be able to intercept communications and spy on suspects, with the approval of Hong Kong's chief executive. The legislation will apply not just within inside Hong Kong but overseas too, meaning foreign nationals who speak against Beijing could be prosecuted upon entering Hong Kong or mainland China.
Privacy-focused communications application Signal this week announced a new feature meant to enhance user privacy amid social turmoil in the United States: a blur tool. Available in the image editor, the functionality is meant to help protect the privacy of the people in the photos shared over Signal.
Amid nationwide protests over the death of George Floyd, secure comms biz Signal has deployed a blur tool in its messaging and calling app to allow users to obscure faces in app-captured snapshots. Since not everyone always does so, the latest versions of Signal for Android and iOS include a blur feature in the image editor menu that can be used to degrade image details.
We've never bothered with Signal for the reason that signing up means handing over your phone number. As we mentioned you don't need to use a PIN to secure your Signal account - you can just use your phone number alone, as before, or choose a proper pass-phrase that's as long as you like.
Encrypted messaging service Signal has announced the introduction of a new feature that allows users to recover their data if they switch to a new device. The new feature, Signal PINs, is based on Secure Value Recovery, which the company introduced in December, and is meant to help users import data such as profile, settings, and blocked users when switching to a new device.