You Are Here: Home » Articles posted by Liviu ARSENE

Air-Gapped Systems Vulnerable to Data Exfiltration via Fan-Controlling Malware, According to Israeli Researchers

New research into data exfiltration by compromising air-gapped systems has proven that malware can control the acoustic waveform emitted by a CPU’s cooling fan to transmit audio binary data to a remote microphone up to eight meters away. While previous vulnerabilities in air-gapped systems have been reported and suspected to have been used in the wild, Fansmitter (as it’s called by the researchers) poses ne...

FBI Free to Hack into Suspects’ Computers, Court Rules

The US District Court of Virginia ruled in favor of the FBI in a case involving hacking a suspects’ computer without a warrant. Fearing this might infringe on basic privacy rights, privacy advocacy groups have expressed deep concerns over the ruling. Judge Henry Morgan argued that the suspect’s IP address is not private information, as it’s something given out by internet service providers and mandatory for...

Ad Network Pays $950,000 in Penalties for Tracking Millions without Permission

Advertising company InMobi agreed to pay $950,000 in penalties after the US Federal Trade Commission (FTC) concluded the company was collecting users’ geolocation information without expressed permission. The FTC said InMobi also violated the Children’s Online Privacy Protection Act (COPPA) by collecting information from applications for children, including thousands of applications with millions of downloa...

Bank Indonesia, Bank of Korea Face Alleged Anonymous Attacks

After hacking group Anonymous announced last month it’s planning a wave of cyberattacks on world banks, Bank Indonesia and the Bank of Korea have been under constant fire, according to officials. Blocking more than 149 regions from accessing their website, Bank Indonesia believes this will plug Distributed Denial of Service (DDoS) attacks, a preferred attack method of the cybercriminal group. Other central...

290,000 US Driver’s License Records Leaked

Some 290,000 US driver’s license records have been allegedly put up for sale on the Dark Web by a hacker going by the name of NSA. The data dump is said to contain information regarding dates of birth, driving offenses, fines, full names, addresses, state, ZIP codes, phone numbers and email addresses. Claiming that the information was gathered after breaching network systems from Louisiana locals, the hacke...

51 Million iMesh Accounts for Purchase on the Dark Web

More than 51 million iMesh accounts are allegedly available for purchase on the Dark Web for 1 bitcoin – about $590 – containing data such as salted MD5 passwords, usernames, IP addresses, registration date and other account information. While the iMesh peer-to-peer service was recently shut down, the breach is believed to have occurred in September 2013, as the most recent information in the database seems...

Top 5 Wi-Fi Hotspot Locations to Avoid on Your Holiday

Whenever you go on holiday, you end up taking all your personal data. The information on your personal phone, laptop or other smart device is at more risk of being compromised or stolen on holiday than when you’re at home or work. While vacations are all about family time, the digital evolution has opened up new to your privacy and data, especially since we’ve become so addicted to posting photos on social...

FBI To Get Browser History Access without Court Order

The pending review of the ECPA (Electronic Communications Privacy Act) Amendments Act of 2015 should allow the FBI to gain access to a target’s "electronic communication transactional records" without a court order, using just a National Security Letter (NSL). While the amendment introduced by Senator John Cornyn would allow the FBI to obtain information such as visited domains and IP addresses, the FBI has...

Three Samsung KNOX Vulnerabilities Dropped by Israeli Researchers

Two Israeli researchers have recently found three vulnerabilities in Samsung’s KNOX involving the way its services are shared with user applications. The vulnerabilities in Samsung’s enterprise containerization solution aimed at boosting BYOD data privacy have been dubbed CVE-2016-1919, CVE-2016-1920, and CVE-2016-3996. Although all three have been timely reported to Samsung and patches have been issued to...

Power Plant Controllers Deemed Vulnerable Beyond Repair

Power plant controllers have been deemed vulnerable to remote exploits, allowing potential attackers to gain control of the networks and modify system configurations. The flaw, publicly reported and documented by independent researcher Maxim Rupp, affects the Environmental Systems Corporation 8832 data controller for versions 3.02 and older. Because the affected systems do not support additional code space...

© 2012 Powered By Bitdefender

Scroll to top