Author: Enoch Root | Kaspersky official blog

SLAP and FLOP vulnerabilities in Apple CPUs

SLAP and FLOP: Complex vulnerabilities in Apple CPUs

New research demonstrates for the first time how hardware vulnerabilities in modern CPUs can be exploited in practice.

BadRAM: attack using malicious RAM module

BadRAM: an attack using a malicious RAM module

European researchers have discovered a vulnerability in AMD processors that can be exploited by modifying RAM modules.

Data exfiltration using RAMBO and PIXHELL

New ways data can be stolen from air-gapped systems

Two fresh papers on the art of data exfiltration in scenarios where it seems utterly impossible.

A scientific approach to eavesdropping via HDMI

A paper from Uruguayan scientists lays out a highly technical and impractical method of spying on computer monitors.

EM Eye: data theft from surveillance cameras

An unusual method of stealing data from surveillance cameras

We explain in simple terms research demonstrating a vulnerability in modern digital video cameras.

Apple CPU encryption hack

We review a recent research paper highlighting a major hardware vulnerability in Apple M1, M2, and M3 CPUs.

Eavesdropping on keyboard keystrokes

A recent study shows how it’s possible to identify typed text from the sound of keystrokes — even in far-from-ideal environments.

PrintListener: remote fingerprint theft

Researchers claim to have found a way to recover a fingerprint by… eavesdropping on a user swiping a finger across the screen!

Ambient light sensor as a spy tool

A fresh study of some unexpected properties of a standard feature of all modern smartphones and tablets.

LogoFAIL attack via image substitution in UEFI

LogoFAIL attack: using image files to attack computers

A serious vulnerability in UEFI firmware relevant to a large number of modern computers, and even servers.

Reptar: a vulnerability in Intel processors

How a recently discovered bug in Intel processors threatens cloud providers.

Side Eye attack: Eavesdropping through video stabilization

Side Eye: eavesdropping using a smartphone’s video camera

How and why did American researchers try to extract sound from a video signal, and was it worth it?

GPU.zip: deft theft of secrets from video chips

We look at a new sophisticated attack on AMD and Intel integrated graphics cards.

Zenbleed: hardware vulnerability in AMD CPUs

Zenbleed: new hardware vulnerability in AMD CPUs

Explaining an issue in popular PC and server CPUs in simple terms.

RowPress RAM attack

New attack method that bitflips memory cells.

Data exfiltration via observing light emitting diode (LED) activity.

LED data exfiltration

Researchers have come up with a way to exfiltrate confidential data by observing LED activity.

New hardware vulnerability in Intel processors

A brief, plain-language explanation of an advanced method of data theft using features of modern CPUs.

Neural networks reveal the images used to train them

How AI can leak your private data

Image-generating neural networks are already everywhere. What privacy risks do they pose?

Three reasons not to use smart locks

Better put them on something not very valuable or necessary. Here we explain why.

Data exfiltration — through a built-in PC speaker

A method of stealing data from an air-gapped system through a speaker you may not even know is there.

How long does it take to close serious vulnerabilities?

Major Android vulnerability goes unclosed for… almost six months!

One of the most curious and menacing bugs in Android smartphones, and the problems they had closing it.

Privacy & Kids

Enoch Root