Russian code that could tamper with industrial machines and toggle RTUs on and off was floating around VirusTotal for years before being noticed. It raises new questions about the state of OT security. Read More
Related Posts
New Acoustic Attack Records Laptop Keystrokes With Nearby Phone
New Acoustic Attack Records Laptop Keystrokes With Nearby Phone
The constant deep-learning advancements, widespread microphones, and online services are actively escalating the threat of acoustic side-channel attacks on keyboards.
An innovative deep learning model uses a nearby phone’s microphone to classify laptop keystrokes with 95% accuracy and 93% accuracy when trained on Zoom recordings, setting new benchmarks for acoustic attack implementation.
While all these findings are recently unveiled by cybersecurity researchers from the following British universities:-
Joshua Harrison from Durham University
Ehsan Toreini from the University of Surrey
Maryam Mehrnezhad Royal Holloway University of London
Data Targeted by the Attack
The targeted acoustic attack compromises data security, potentially leaking the following data to malicious third parties:-
Passwords
Discussions
Messages
Other sensitive information
Unlike other side-channel attacks with limitations, acoustic attacks are now simpler with widespread microphone-bearing devices.
These devices enable high-quality audio captures without special conditions or data rate restrictions.
While rapid machine learning advancements enable feasible and highly dangerous sound-based side-channel attacks, surpassing previous expectations.
Design of the Attack
To initiate the attack, keystrokes are recorded on the target’s keyboard for training the prediction algorithm. This can be done using a nearby microphone or an infected phone with microphone access.
The Zoom-based recording of keystrokes links typed messages to sound recordings by rogue participants. Researchers trained data by pressing 36 keys on a modern MacBook Pro 25 times and capturing the produced sounds.
‘CoAtNet’ trained with spectrogram images, an image classifier that required experimentation with the following elements to achieve optimal prediction accuracy:-
Epoch
Learning rate
Data splitting parameters
While in this experiment following things are used by the security analysts:-
Standard Apple laptop keyboard
iPhone 13 mini (Positioned 17cm from target)
Zoom
Accuracy Achievements
Here below, we have mentioned the accuracy achievements of CoANet:-
From smartphone recordings: 95% accuracy
Zoom: 93% accuracy
Skype captures 91.7% accuracy.
Recommendations
Here below, we have mentioned all the recommendations offered by the cybersecurity researchers:-
Alter typing styles or employ randomized passwords to counter acoustic side-channel attacks.
Additional defense measures involve software-based replication of keystroke sounds, white noise, or audio filters for keystrokes.
Make sure to use biometric authentication where possible.
Ensure the use of robust password managers.
Keep informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.
The post New Acoustic Attack Records Laptop Keystrokes With Nearby Phone appeared first on Cyber Security News.
Cyber Security News
Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals
Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals
[[{“value”:”
A botnet dismantled in January and used by Russia-linked APT28 consisted of more than just Ubiquiti Edge OS routers.
The post Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals appeared first on SecurityWeek.
“}]] Read More
SecurityWeek RSS Feed
Sourcegraph Discloses Data Breach Following Access Token Leak
Sourcegraph Discloses Data Breach Following Access Token Leak
Sourcegraph says customer information was breached after an engineer accidentally leaked an admin access token.
The post Sourcegraph Discloses Data Breach Following Access Token Leak appeared first on SecurityWeek.
SecurityWeek RSS Feed