Via Samuel K. Moore, writing for IEEE Spectrum Magazine, comes this outstanding article, published on October 7th, 2019, in which Mr. Moore details the application of well-known-and-leveraged X-Ray techniques (also known as Ptychographic X-Ray Laminography) to the functional reverse-engineering of chipsets. Today's MustRead! H/T
'Dubbed "SimJacker," the vulnerability resides in a particular piece of software, called the S@T Browser (a dynamic SIM toolkit), embedded on most SIM cards that is widely being used by mobile operators in at least 30 countries and can be exploited regardless of which handsets victims are using.' - via Mohit Kumar, writing at The Hacker News
Exploit of the Month or How Using Smartphones In Speakerphone-Mode Decimates Your Privacy: Spearphone (PDF) (by way of the obviously superlative engineering of S. Abhishek Anand, Chen Wang, Jian Liu, Nitesh Saxena and Yingying Chen), a speech privacy exploit that works via vibrations, emanating from the device's installed speakers, that are detected by the accelerometer of the device under scrutiny. The claim is that use of the device's so-called speakerphone 'erodes' the privacy of the user. Today's Must Read! Hat Tip. Simply astonishing work.
"In particular, we show that by exploiting the affected accelerometer readings and carefully selecting feature sets along with off-the-shelf machine learning techniques, Spearphone can successfully perform gender classification (accuracy over 90%) and speaker identification (accuracy over 80%). In addition, we perform speech recognition and speech reconstruction to extract more information about the eavesdropped speech to an extent." - via the Authors (S. Abhishek Anand, Chen Wang, Jian Liu, Nitesh Saxena and Yingying Chen)
via EFF writers Jeremy Gillula & Seth Schoen, comes an outstanding piece on Apple Inc.'s (Nasdaq: AAPL) recent decision to restrict ('limits' was the exact term utilized) device tracking. Today's Interesting Read.
The Weaponization of Yubikey - A Primer..., or, Why (Oh Why) Did I Take The Attractive Golden Key Shaped Device At That Trade Show? via Michael Allen, writing over at the fascinating Black Hills Information Security blog. Enjoy!
"Although the YubiKey is an excellent two-factor authentication device, it’s definitely missing a few features that would make it an ideal USB HID attack tool, and there are other products that already do the job much better. Probably the main strength of the YubiKey as an attack tool is that it looks like a YubiKey." - via Michael Allen, writing over at the always fascinating Black Hills Information Security blog.
From The Video Description: FAX machines, although reminiscent of a not-so-far past, are still present in lots of office spaces and can be frequently used for business and legal communications. Most of its technology was developed decades ago and, quite probably, remained mostly unchanged over the years. Legacy boxes, accessible via a phone call through the phone line and, frequently, connected to local networks via Ethernet. It sounds like a good plan for summertime research! - via ZeroNights 2018 Eric Sesterhenn's, Luis Merino's, Markus Vervier's video 'Zero Fax Given'
From the Video Description: USB is one of the most common interfaces supported on modern computers. Modern OSes offer tons of USB drivers to support frequently used USB device classes. For other 3rd party USB devices, Microsoft provides automatic driver downloading and installation via Windows AutoUpdate Service. In this talk, we consider this as a novel attacking surface exposed by Windows. via ZeroNights 2018 and HC Ma's 'Massive Scale USB Device Driver Fuzz WITHOUT Device'
From The Video Description: "Unmonitored and unpatched BMC (remote administration hardware feature for servers) are an almost certain source of chaos. They have the potential to completely undermine the security of complex network infrastructures and data centers. Our on-going effort to analyze HPE iLO systems (4 and 5) resulted in the discovery of many vulnerabilities, the last one having the capacity to fully compromise the iLO chip from the host system itself. This talk will show how a combination of these vulnerabilities can turn an iLO BMC into a revolving door between an administration network and the production network." - via Alexandre Gazet's, Fabien (0xf4b) Perigaud's & Joffrey (@_Sn0rkY) Czarny's 'Turning Your BMC Into A Revolving Door'
Apple Inc. (Nasdaq: AAPL) has quite forcefully denied (via Reuters, reportedly written by George Stathakopoulos - Apple’s Vice President for Information Security) the existence of surreptitious-command-and-control-chip-insertions on system boards within devices manufactured by Super Micro Computer Inc. (NASDAQ: SMCI) under contract with and deployed/implemented by Apple Inc. within the latter's data centers. Interestingly, there is some evidence of security-related issues two years ago betwixt Apple Inc. and Super Micro Computer Inc.... And then there's The Grugq, whose typically clear and exacting opinions are trusted hereabouts - his view appears here (you'd do well to listen to his take). Regardless of what path you walk in discerning the truth of this particularly murky debacle, one thing is clear - human nature being what it is, there is certainly an abundance of vile perniciousness floating about this scenario that has yet to be revealed.
Via Sean Gallagher, writing at Ars Technica, comes this particularly unfortunate news for Apple Inc. (Nasdaq: AAPL) MDM (Mobile Device Management) bits - especially considering there will be a flood of new devices into many orgs. On the plus side, the flaw has been discovered, and now it's Apple's turn-at-bat to clean up their dusty-bits, as it were. Read all about it at everyone's beloved Ars Technica!
Friend of the Blog Trey Blalock of Firewall Consultants sent a link in yesterday which magically transported us to Ramtin Amin's Web Blog (in actuality, a Hardware Security blog of considerable renown) (gracias Trey!). Ramtin's work is indicative of a curious intellect, and tremendous hardware investigatory chops (plus, keen eye-hand coordination!). If you are at all fascinated by hardware security (coupled with mobile telephony, femto-cells, cabling/dongles and the like) his blog will come as a refreshing changement de rythme of to-the-point discussions of same. Don't Dawdle, Chop-Chop, Enjoy!