Collaborate Disseminate
This is interesting research and data: With Google accounts as a case-study, we teamed up with the University of California, Berkeley to better understand how hijackers attempt to take over accounts in the wild. From March 2016 to March 2017, we analyzed several black markets to see how hijackers steal passwords and other sensitive data. […] Our research tracked several…
The post Google’s Data on Login Thefts appeared first on Security Boulevard.
Google removed a rogue version of the WhatsApp Messenger application from Google Play that had been installed by more than 1 million people. A subsequent search by users and researchers revealed that it was one of many similar fake apps hosted on the a… Continue reading Fake WhatsApp on Google Play Shows How Easy Users Can Be Tricked
Researchers demonstrated a really clever hack: they hid malware in a replacement smart phone screen. The idea is that you would naively bring your smart phone in for repair, and the repair shop would install this malicious screen without your knowledge. The malware is hidden in touchscreen controller software, which is trusted by the phone. The concern arises from research… Continue reading Hacking a Phone Through a Replacement Touchscreen
Spyware isn’t the preserve of foreign militaries and script kiddies Continue reading Fired employee caught by keylogger wins case
This is a weird story: researchers have discovered that an audio driver installed in some HP laptops includes a keylogger, which records all keystrokes to a local file. There seems to be nothing malicious about this, but it’s a vivid illustration of how hard it is to secure a modern computer. The operating system, drivers, processes, application software, and everything… Continue reading Keylogger Found in HP Laptop Audio Drivers
Sensors in phones running both iOS and Android reveal all kinds of sensitive info. Continue reading Meet PINLogger, the drive-by exploit that steals smartphone PINs
Interesting research: "Don’t Skype & Type! Acoustic Eavesdropping in Voice-Over-IP": Abstract: Acoustic emanations of computer keyboards represent a serious privacy issue. As demonstrated in prior work, spectral and temporal properties of keystroke sounds might reveal what a user is typing. However, previous attacks assumed relatively strong adversary models that are not very practical in many real-world settings. Such strong models… Continue reading Eavesdropping on Typing Over Voice-Over-IP
This is interesting research: "Keystroke Recognition Using WiFi Signals." Basically, the user’s hand positions as they type distorts the Wi-Fi signal in predictable ways. Abstract: Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this paper, we show for the… Continue reading Keystroke Recognition from Wi-Fi Distortion
Most of them are unencrypted, which makes them vulnerable to all sorts of attacks: On Tuesday Bastille’s research team revealed a new set of wireless keyboard attacks they’re calling Keysniffer. The technique, which they’re planning to detail at the Defcon hacker conference in two weeks, allows any hacker with a $12 radio device to intercept the connection between any of… Continue reading Security Vulnerabilities in Wireless Keyboards
Hundreds of accounts’ details popped up on Pastebin, with some users locked out and some seeing unheard songs on recently played lists. Continue reading Spotify denies hack; users subjected to weird music beg to differ