Tag Archive for: risk
Research hack reveals call security risk in smartphones
/in Computer Security
Advanced smartphone features attract users who want more from their devices, especially in health and entertainment areas, but do these features create a security risk when making or receiving actual calls? A team of academic researchers from Texas A&M University and four other institutions created malicious software, or malware, to answer that question.
The researchers’ malware, called EarSpy, used machine learning algorithms to filter a surprising amount of caller information from ear speaker vibration data recorded by an Android smartphone‘s own motion sensors—and did so without overcoming any safeguards or needing user permissions.
“A standard attack on a cell phone taps the microphone and records the voices,” said Ahmed Tanvir Mahdad, a doctoral student in the Department of Computer Science and Engineering at Texas A&M. “We are recording motion sensor data, which is not directly related to speech, and detecting caller information from that in a side-channel attack.”
Mahdad was the primary author of “EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers,” a paper published in December 2022, on the pre-print server arXiv, that explained the project’s results.
Ear speakers at the top of smartphones are traditionally small and produce low sound pressures during conversations. These vibrations improve clarity when the phone is pressed against the user’s ear.
The speakers are not considered a good source for audible eavesdropping because of their size and how they function. Yet some manufacturers are replacing these small speakers with bigger ones to create the stereo sounds needed for videos and streaming without considering how much vibration data the bigger ear speakers emit. Since smartphones are equipped with motion sensors called accelerometers to record vibration data tracking user…
Computer security experts offer advice to freeze out risk of thermal attacks
/in Computer Security
A team of computer security experts have developed a set of recommendations to help defend against “thermal attacks” which can steal personal information.
Thermal attacks use heat-sensitive cameras to read the traces of fingerprints left on surfaces like smartphone screens, computer keyboards and PIN pads.
Hackers can use the relative intensity of heat traces across recently-touched surfaces to reconstruct users’ passwords.
Last year, Dr. Mohamed Khamis and colleagues from the University of Glasgow set out to demonstrate how easily thermal images could be used to crack passwords.
The team developed ThermoSecure, a system which used AI to scan heat-trace images and correctly guess passwords in seconds, alerting many to the threat of thermal attacks.
Now, Dr. Khamis and colleagues have put together the first comprehensive review of existing computer security strategies, and surveyed users on their preferences on how thermal attacks can be prevented at public payment devices like ATMs or transport ticket dispensers.
Their research, set to be presented as a paper at the USENIX Security Symposium conference in Anaheim, California, on Friday 11 August, also includes advice to manufacturers on how their devices could be made more secure. USENIX Security is widely recognized as one of the leading conferences in the fields of computer security and cybersecurity.
The team identified 15 different approaches described in previous papers on computer security which could reduce the risk of thermal attacks.
Those included ways to reduce the transfer of heat from users’ hands, by wearing gloves or rubber thimbles, or changing the temperature of hands by touching something cold before typing.
Approaches suggested in the literature also included pressing hands against surfaces or breathing on them to obscure their fingerprint heat once they had…
I’m a Wi-Fi expert – don’t make five huge security mistakes that can put security and speed at risk
/in Internet Security
WI-FI users have been urged to not make five security mistakes that can cost them.
It’s no secret that Wi-Fi has greatly improved the way we browse the internet.
But, as with all things technological, Wi-Fi routers are also susceptible to hacking.
By breaking into vulnerable servers, devices, and networks, hackers can steal your data and eventually your money.
To help mitigate this risk, cybersecurity experts have shared with Wi-Fi users some important tips that can help.
PLACE IN CENTRAL LOCATION
Experts recommend placing your Wi-Fi router in a central location in your home.
There are many benefits to this, including improved speeds and better connectivity with devices.
However, what many users aren’t aware of is that this can also keep your Wi-Fi network more secure.
That’s because the signal is not being sent outside of the confines of your home, therefore cannot be accessed by others.
USE A VPN
A virtual private network (VPN) extends a private network across your Wi-Fi network.
This allows users to safely share and receive data without the prying eyes of nefarious third parties.
VPNs work by scrambling your personal information so that without the correct decryption key, it can’t be read by hackers.
As such, enabling VPN software can help to keep your network secure.
CHANGE WI-FI PASSWORD OFTEN
You are likely aware that having stronger passwords keeps you safer from hackers.
But did you know that experts also recommend changing your password often?
Changing your credentials frequently makes it harder for threat actors to hack your system.
What’s more, if your password is compromised or breached without your knowledge, this rectifies that problem.
NOT UPDATING ROUTER FIRMWARE
It’s important to update your router regularly so it runs smoothly and also has the latest security software uploaded.
Generally, you need to find out your router’s IP address and type that into a web browser to access an admin page.
Use your router’s username and password to log in and access the settings.
Check if there are any software updates available and select to download them when…