Determining Key Shape from Sound

Its not yet very accurate or practical, but under ideal conditions it is possible to figure out the shape of a house key by listening to it being used. Listen to Your Key: Towards Acoustics-based Physical Key Inference Abstract: Physical locks are one of the most prevalent mechanisms for securing...

CVE-2018-12130

A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...

Experts Find a Way to Learn What You're Typing During Video Calls

A new attack framework aims to infer keystrokes typed by a target user at the opposite end of a video conference call by simply leveraging the video feed to correlate observable body movements to the text being typed. The research was undertaken by Mohd Sabra, and Murtuza Jadliwala from the...

Experts Find a Way to Learn What You're Typing During Video Calls

A new attack framework aims to infer keystrokes typed by a target user at the opposite end of a video conference call by simply leveraging the video feed to correlate observable body movements to the text being typed. The research was undertaken by Mohd Sabra, and Murtuza Jadliwala from the...

CentOS 8 : firefox (CESA-2019:0966)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:0966 advisory. - Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied CVE-2018-18506 - Mozilla: Memory safety bugs fixed in Firefox 66 and...

Eavesdropping on Phone Taps from Voice Assistants

The microphones on voice assistants are very sensitive, and can snoop on all sorts of data: In Hey Alexa what did I just type? we show that when sitting up to half a meter away, a voice assistant can still hear the taps you make on your phone, even in presence of noise. Modern voice assistants ha...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

CVE-2020-8694

A flaw was found in the Linux kernel's implementation of Intel's Running Average Power Limit RAPL implementation. A local attacker could infer secrets by measuring power usage and also infer private data by observing the power usage of calculations performed on the data. Mitigation A temporary...

Zoom Snooping: How Body Language Can Spill Your Password

You’ve heard of Zoom Bombing, but have you heard of Zoom Snooping? Researchers contend they can extract keystroke data from participants in a video call simply by tracking shoulder movements. A recently published study warns malicious actors might use the technique to decipher personal passwords...

Determining What Video Conference Participants Are Typing from Watching Shoulder Movements

Accuracy isnt great, but that it can be done at all is impressive. Murtuza Jadiwala, a computer science professor heading the research project, said his team was able to identify the contents of texts by examining body movement of the participants. Specifically, they focused on the movement of...

CVE-2020-15666

When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...

CVE-2020-15214

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...

PYSEC-2020-129

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...

CVE-2020-15666

When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...

Traffic Analysis of Home Security Cameras

Interesting research on home security cameras with cloud storage. Basically, attackers can learn very basic information about what's going on in front of the camera, and infer when there is someone home. News article. Slashdot thread...

Cryptogs Security Breach

Cryptogs is an ethereum-based digital currency. A security vulnerability exists in the 'endCoinFlip' and 'throwSlammer' functions in Cryptogs' smart contract implementation. An attacker could use the vulnerability to infer random values and win the game...

hw: L1D Cache Eviction Sampling

A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...

How to transform your revolutionary idea into a reality: $100K Nokia Bell Labs Prize

Revolutionary ideas in science, technology, engineering, and mathematics don't occur every day. But when those "eureka" moments happen, we need to provide a forum to explore those ideas, judge them on their merits, and distinguish the extraordinary from the merely good. Once a year, Nokia Bell La...