Cybersecurity

Now there are two attack vectors to send commands to voice assistant from distance without anyone in the room hearing: ultrasounds and laser. Audio Hotspot Attack Crosses the Ultrasonic Beams to Send Silent Commands to Voice Assistants https://www.hackster.io/news/audio-hotspot-attack-crosses-the-ultrasonic-beams-to-send-silent-commands-to-voice-assistants-6d386644111b Lasers Can Take Over Voice Assistant Systems From Long Distances, Research Finds https://securitytoday.com/articles/2019/11/06/laser-hack-alexa-voice-assistants.aspx?m=1 https://news.umich.edu/a-laser-pointer-could-hack-your-voice-controlled-virtual-assistant/ From a distance →

This is a pretty interesting hardware hacking article: https://www.bunniestudios.com/blog/?p=3554 Some SD cards contain vulnerabilities that allow arbitrary code execution — on the memory card itself. On the dark side, code execution on the memory card enables a class of MITM (man-in-the-middle) attacks, where the card seems to be behaving one way, but in fact it →

The EU’s cyber security agency ENISA has published “ENISA threat landscape for 5G Networks” report that draws an initial threat landscape and presents an overview of the challenges in the security of 5G networks. It presents 5G architecture, the identification of important assets, the assessment of threats affecting 5G, the identification of asset exposure and →

Just in case… Is the media and government chewing you out because of breach? Worry not! This free excuse generator will help you develop an a breach statement in no time! http://whythefuckwasibreached.com/ →

This posting is here to collect cyber security news in November 2019. I post links to security vulnerability news to comments of this article. If you are interested in cyber security trends, read my Cyber security trends 2019 posting. You are also free to post related links.     →

https://www.zdnet.com/article/the-scariest-hacks-and-vulnerabilities-of-2019/ Since 2019 has been a disaster in terms of cyber-security news, this is a very long list of this year’s biggest and scariest security incidents, data breaches, and vulnerabilities. →

For years there has been prediction when cyber incident will kill someone. It seems that it has happened. “Some of the recent cybersecurity incidents involving industrial control systems (ICS) have resulted in injury and even loss of life, according to a survey conducted by Control Systems Cyber Security Association International (CS2AI).” More: https://www.securityweek.com/some-ics-security-incidents-resulted-injury-loss-life-survey →

There have been many news on a hacked Lightning cables that allow someone to take over a computer as soon as they are plugged into a Mac or PC. There has also been USB cables with hidden Wi-fi.. How about a DIY hack on this? The latest development in the ESP32 world comes is a →

This posting is here to collect cyber security news in October 2019. I post links to security vulnerability news to comments of this article. If you are interested in cyber security trends, read my Cyber security trends 2019 posting. You are also free to post related links.   →

SimJacker is 0-day vulnerability under active attack according to this article: Dubbed “SimJacker,” the vulnerability resides in a particular piece of software, called the S@T Browser (a dynamic SIM toolkit), embedded on most SIM cards. New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS https://thehackernews.com/2019/09/simjacker-mobile-hacking.html Huge security issue claims need some →