Security Alerts & News
by Tymoteusz A. Góral

History
#2023 Malware lets a drone steal data by watching a computer’s blinking LED
A few hours after dark one evening earlier this month, a small quadcopter drone lifted off from the parking lot of Ben-Gurion University in Beersheba, Israel. It soon trained its built-in camera on its target, a desktop computer’s tiny blinking light inside a third-floor office nearby. The pinpoint flickers, emitting from the LED hard drive indicator that lights up intermittently on practically every modern Windows machine, would hardly arouse the suspicions of anyone working in the office after hours. But in fact, that LED was silently winking out an optical stream of the computer’s secrets to the camera floating outside.

That data-stealing drone, shown in the video below, works as a Mr. Robot-style demonstration of a very real espionage technique. A group of researchers at Ben-Gurion’s cybersecurity lab has devised a method to defeat the security protection known as an “air gap,” the safeguard of separating highly sensitive computer systems from the internet to quarantine them from hackers. If an attacker can plant malware on one of those systems—say, by paying an insider to infect it via USB or SD card—this approach offers a new way to rapidly pull secrets out of that isolated machine. Every blink of its hard drive LED indicator can spill sensitive information to any spy with a line of sight to the target computer, whether from a drone outside the window or a telescopic lens from the next roof over.
Read more
#2027 Criminals monetizing attacks against unpatched WordPress sites
#2026 Android ransomware requires victim to speak unlock code
#2025 Cybercrime and other threats faced by the healthcare industry (PDF)
#2024 Read The Manual - a guide to the RTM banking trojan (PDF)
#2023 Malware lets a drone steal data by watching a computer’s blinking LED
#2022 Bitcoin trader hit by "severe DDoS attack" as bitcoin price nears all-time high
#2021 Blizzard ends support for Windows XP and Vista
#2020 Rogue Chrome extension pushes tech support scam
#2019 New crypto-ransomware hits macOS
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12