EV Charger Hacking Poses a ‘Catastrophic’ Risk


Such cracks could conceivably permit hackers to access vehicle data or consumers’ credit card information, says Ken Munro, a cofounder of Pen Test Partners. But perhaps the most worrying weakness to him was that, as with the Concordia testing, his team discovered that many of the devices allowed hackers to stop or start charging at will. That could leave frustrated drivers without a full battery when they need one, but it’s the cumulative impacts that could be truly devastating.

“It’s not about your charger, it’s about everyone’s charger at the same time,” he says. Many home users leave their cars connected to chargers even if they aren’t drawing power. They might, for example, plug in after work and schedule the vehicle to charge overnight when prices are lower. If a hacker were to switch thousands, or millions, of chargers on or off simultaneously, it could destabilize and even bring down entire electricity networks. 

“We’ve inadvertently created a weapon that nation-states can use against our power grid,” says Munro. The United States glimpsed what such an attack might look like in 2021 when hackers hijacked Colonial Pipeline and disrupted gasoline supplies nationwide. The attack ended once the company paid millions of dollars in ransom.

Munro’s top recommendation for consumers is to not connect their home chargers to the internet, which should prevent the exploitation of most vulnerabilities. The bulk of safeguards, however, must come from manufacturers.

“It’s the responsibility of the companies offering these services to make sure they are secure,” says Jacob Hoffman-Andrews, senior staff technologist at the Electronic Frontier Foundation, a digital rights nonprofit. “To some degree, you have to trust the device you’re plugging into.”

Electrify America declined an interview request. With regard to the issues Malcolm and the Kilowatts documented, spokesperson Octavio Navarro wrote in an email that the incidents were isolated and the fixes were quickly deployed. In a statement, the company said, “Electrify America is constantly monitoring and reinforcing measures to protect ourselves and our customers and focusing on risk-mitigating station and…

Source…

Are Voice Authentication Security Systems Effective? Deepfake Attack Poses Alarming Threat


Computer scientists from the University of Waterloo have made a concerning discovery regarding the effectiveness of voice authentication security systems. 

They have identified a method of attack that can successfully bypass these systems with an alarming success rate of up to 99% after only six attempts.

Photo (JUAN BARRETO/AFP via Getty Images): Passengers use BIOMIG, the new biometric migration system, at El Dorado International Airport in Bogota on June 2, 2023. Colombian Migration launched a new biometric migration system for foreigners.

Deepfake Voiceprints

Voice authentication has become increasingly popular in various security-critical scenarios, such as remote banking and call centers, where it allows companies to verify the identity of their clients based on their unique “voiceprint.”

During the enrollment process of voice authentication, individuals are required to replicate a designated phrase, which is then used to extract and store a distinct vocal signature or voiceprint on a server. 

In subsequent authentication attempts, a different phrase is utilized, and the extracted characteristics are compared against the stored voiceprint to ascertain access.

However, the researchers at the University of Waterloo have found that voiceprints can be manipulated using machine learning-enabled “deepfake” software, which can generate highly convincing copies of someone’s voice using just a few minutes of recorded audio. 

Hence, developers introduced “spoofing countermeasures” to differentiate between human-generated speech and machine-generated speech.

The research team has created a method that bypasses these spoofing countermeasures, enabling them to deceive most voice authentication systems within only six attempts.

They have identified the markers in deepfake audio that expose its computer-generated nature and have created a program to take out these markers, rendering the fake audio indistinguishable from real recordings.

During an evaluation conducted on Amazon Connect’s voice authentication system, the researchers accomplished a 10% success rate within a brief four-second attack, which escalated to over 40% in under thirty…

Source…

EU’s Proposed CSAM Bill Poses Hacking Risks


Hackers Would Exploit Client-Side Scanning, LIBE Committee Hears

Members of a European Parliament committee heard Thursday an assessment warning them that a bill intended to fight child sexual abuse material would instead weaken online security.

The Child Sexual Abuse Material proposal unveiled by the European Commission in May 2022 faces a barrage of opposition from industry and civil liberty groups concerned that its mandate for digital communication services such as instant messenger apps to scan for CSAM is incompatible with end-to-end encryption.

Bart Preneel, a cryptography professor at Catholic University of Leuven in Belgium, told the Committee on Civil Liberties, Justice and Home Affairs, or LIBE, that the only way mandatory scanning could be compatible with end-to-end encryption is by scanning for images on users’ devices before they are transmitted across the web. Preneel is co-author of an assessment of the CSAM proposal commissioned by the committee.

“The only way you could actually detect CSAM would be by scanning on the device of the user. You would have to insert additional software in the user device, and such a software will create new vulnerabilities that are open to attack and abuse,” he said.

Scanning communications would violate a right to confidential communications while client-side scanning “violates the essence of the right of protection…

Source…

New ransomware poses trans-Atlantic cyber threat


French and Italian cybersecurity agencies have warned of a new ransomware scheme targeting thousands of computer networks in their countries, as well as the United States and Canada, using a two-year-old vulnerability in a widely used virtual machine package.

The National Cybersecurity Agency of Italy warned of a “massive” potential threat using vulnerabilities in VMware ESXi, used to deploy virtual computers. VMware issued patches in early 2021.

With the VMware ESXi package a popular product, organizations should be “very concerned” about this new ransomware attack, said Harmandeep Singh, director at Cyphere, a cybersecurity services provider. Organizations running VMware ESXi should patch the software immediately if they have not already done so, he advised.

“This attack has the potential to cause significant damage,” he added. “It has already been used to target computer systems in multiple countries and, if left unchecked, could lead to the loss of data and financial resources. Additionally, it could allow malicious actors to gain access to confidential information and potentially cause disruption to critical systems.”

There’s a risk beyond ransomware with this new attack, added Chris Jacob, global vice president of the Threat Intelligence Engineers group at ThreatQuotient. The vulnerabilities could be used to gain access to computer systems and look around, he said.

“Ransomware is a quick indicator that you have been attacked, and hopefully, this will serve as a call to action,” Jacob told the Washington Examiner. “However, you have to wonder how many more advanced adversaries are using this as an attack vector for a more long-term reconnaissance play.”

The warnings of the attacks seem to indicate that many ESXi servers are still running the vulnerable service found more than two years ago, he added: “How many attackers over those two years have gained access and haven’t exposed themselves over the last two years?”

The two cybersecurity agencies didn’t name a suspect…

Source…