airgapped computer | Breaking Cybersecurity News | The Hacker News

It may sound creepy and unreal, but hackers can also exfiltrate sensitive data from your computer by simply changing the brightness of the screen, new cybersecurity research shared with The Hacker News revealed. In recent years, several cybersecurity researchers demonstrated innovative ways to covertly exfiltrate data from a physically isolated air-gapped computer that can't connect wirelessly or physically with other computers or network devices. These clever ideas rely on exploiting little-noticed emissions of a computer's components, such as light, sound , heat , radio frequencies , or ultrasonic waves , and even using the current fluctuations in the power lines. For instance, potential attackers could sabotage supply chains to infect an air-gapped computer, but they can't always count on an insider to unknowingly carry a USB with the data back out of a targeted facility. When it comes to high-value targets, these unusual techniques, which may sound theoretica...

Dr. Mordechai Guri, the head of R&D team at Israel's Ben Gurion University, who previously demonstrated various methods to steal data from an air-gapped computer, has now published new research named " BeatCoin ." BeatCoin is not a new hacking technique; instead, it's an experiment wherein the researcher demonstrates how all previously discovered out-of-band communication methods can be used to steal private keys for a cryptocurrency wallet installed on cold storage, preferably an air-gapped computer or Raspberry Pi. For those unaware, keeping your cryptocurrency protected in a wallet on a device which is entirely offline is called cold storage. Since online digital wallets carry different security risks, some people prefer keeping their private keys offline. Air-gapped computers are those that are isolated from the Internet, local networks, Bluetooth and therefore, are believed to be the most secure devices and are difficult to infiltrate or exfiltrate. ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Do you think it is possible to extract data from a computer using its power cables? If no, then you should definitely read about this technique. Researchers from Israel's Ben Gurion University of the Negev—who majorly focus on finding clever ways to exfiltrate data from an isolated or air-gapped computer—have now shown how fluctuations in the current flow "propagated through the power lines" could be used to covertly steal highly sensitive data. Sound something like a James Bond movie? Well, the same group of researchers has previously demonstrated various out-of-band communication methods to steal data from a compromised air-gapped computer via light , sound , heat , electromagnetic , magnetic and ultrasonic waves . Air-gapped computers are those that are isolated from the Internet and local networks and therefore, are believed to be the most secure devices that are difficult to infiltrate or exfiltrate data. "As a part of the targeted attack, the adve...

A team of security researchers—which majorly focuses on finding clever ways to get into air-gapped computers by exploiting little-noticed emissions of a computer's components like light, sound and heat —have published another research showcasing that they can steal data not only from an air gap computer but also from a computer inside a Faraday cage. Air-gapped computers are those that are isolated from the Internet and local networks and so, are believed to be the most secure devices that are difficult to infiltrate. Whereas, Faraday cages are metallic enclosures that even blocks all electromagnetic signals, such as Wi-Fi, Bluetooth, cellular and other wireless communications, making any device kept inside the cage, even more, isolate from outside networks. However, Cybersecurity Research Center at Israel's Ben Gurion University, directed by 38-year-old Mordechai Guri, has developed two techniques that helped them exfiltrate data from computers placed inside a Faraday...

Air-gapped computers that are isolated from the Internet and physically separated from local networks are believed to be the most secure computers which are difficult to infiltrate. However, these networks have been a regular target in recent years for researchers, who have been trying to demonstrate every possible attack scenarios that could compromise the security of such isolated networks. Security researchers from Ben-Gurion University in Israel have previously demonstrated several ways to extract sensitive information from air-gapped computers. Now, the same University researchers have discovered another way to steal confidential information from air-gapped computers – this time with the help of infrared-equipped CCTV cameras that are used for night vision. Researchers have developed a new attack scenario, dubbed aIR-Jumper, which includes an infected air-gapped computer (from which data needs to be stolen) and an infected CCTV network (that has at least one CCTV insta...

Air-gapped computers that are isolated from the Internet or other networks and believed to be the most secure computers on the planet have become a regular target in recent years. A team of researchers from Ben-Gurion University in Israel has discovered a way to extract sensitive information from air-gapped computers – this time using radio frequency transmissions from USB connectors without any need of specialized hardware mounted on the USB. Dubbed USBee , the attack is a significant improvement over the NSA-made USB exfiltrator called CottonMouth that was mentioned in a document leaked by former NSA employee Edward Snowden. Unlike CottonMouth , USBee doesn't require an attacker to smuggle a modified USB device into the facility housing the air-gapped computer being targeted; rather the technique turns USB devices already inside the facility into an RF transmitter with no hardware modification required. Must Read: BadUSB Code Released – Turn USB Drives Into Undete...