#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

Video Conferencing | Breaking Cybersecurity News | The Hacker News

Category — Video Conferencing
New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy

New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy

Aug 07, 2023 Deep Learning / Endpoint Security
A group of academics has devised a "deep learning-based acoustic side-channel attack" that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy. "When trained on keystrokes recorded using the video conferencing software Zoom, an accuracy of 93% was achieved, a new best for the medium," researchers Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad  said  in a new study published last week. Side-channel attacks  refer  to a class of  security exploits  that aim to glean insights from a system by monitoring and measuring its physical effects during the processing of sensitive data. Some of the common observable effects include runtime behavior, power consumption, electromagnetic radiation, acoustics, and cache accesses. Although a completely side-channel-free implementation does not exist, practical attacks of this kind can have damaging consequences for user privacy and security as they could be weaponize...
Researchers Disclose Unpatched Vulnerabilities in Microsoft Teams Software

Researchers Disclose Unpatched Vulnerabilities in Microsoft Teams Software

Dec 23, 2021
Microsoft said it won't be fixing or is pushing patches to a later date for three of the four security flaws uncovered in its Teams business communication platform earlier this March. The disclosure comes from Berlin-based cybersecurity firm Positive Security, which  found  that the implementation of the link preview feature was susceptible to a number of issues that could "allow accessing internal Microsoft services, spoofing the link preview, and, for Android users, leaking their IP address, and DoS'ing their Teams app/channels." Of the four vulnerabilities, Microsoft is said to have addressed only one that results in IP address leakage from Android devices, with the tech giant noting that a fix for the denial-of-service (DoS) flaw will be considered in a future version of the product. The issues were responsibly disclosed to the company on March 10, 2021. Chief among the flaws is a server-side request forgery ( SSRF ) vulnerability in the endpoint "/urlp...
From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Jan 06, 2025SaaS Security / Threat Detection
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024 ). SaaS attacks are increasing, with hackers often evading detection through legitimate usage patterns. The cyber threat arena saw standout players, unexpected underdogs, and relentless scorers leaving their mark on the SaaS security playing field.  As we enter 2025, security teams must prioritize SaaS security risk assessments to uncover vulnerabilities, adopt SSPM tools for continuous monitoring, and proactively defend their systems. Here are the Cyber Threat All-Stars to watch out for—the MVPs, rising stars, and master strategists who shaped the game. 1. ShinyHunters: The Most Valuable Player Playstyle: Precision Shots (Cybercriminal Organization) Biggest Wins: Snowflake, Ticketmaster and Authy Notable Drama: Exploited on...
Experts Find a Way to Learn What You're Typing During Video Calls

Experts Find a Way to Learn What You're Typing During Video Calls

Feb 23, 2021
A new attack framework aims to infer keystrokes typed by a target user at the opposite end of a video conference call by simply leveraging the video feed to correlate observable body movements to the text being typed. The research was undertaken by Mohd Sabra, and Murtuza Jadliwala from the University of Texas at San Antonio and Anindya Maiti from the University of Oklahoma, who say the attack can be extended beyond live video feeds to those streamed on YouTube and Twitch as long as a webcam's field-of-view captures the target user's visible upper body movements. "With the recent ubiquity of video capturing hardware embedded in many consumer electronics, such as smartphones, tablets, and laptops, the threat of information leakage through visual channel[s] has amplified," the researchers  said . "The adversary's goal is to utilize the observable upper body movements across all the recorded frames to infer the private text typed by the target." To ach...
cyber security

Advance Your Cybersecurity Career at SANS Security East Baltimore 2025

websiteSANS SecurityCybersecurity Training
Choose from 25+ cutting-edge courses & train in-person to unlock $999. Elevate your skills now!
Expert Insights / Articles Videos
Cybersecurity Resources