A selection of this week’s more interesting vulnerability disclosures and cyber security news. Some horrendous lapses of security this week, all of which I’m going to ignore as they are too obvious. The ones I want to highlight (oh dear, a pun to come, sorry), are in my usual sphere of interest: hardware hacks and IoT.
The first one, and the subject of the pun are IoT light bulbs. Its not a completely new vector but what it does show is the subtly of exfiltration beyond human perception that its happening. Not so sure about the identifying what music or sound the bulb is throbbing along to though! Perhaps knowing what embarrassing music someone listens to in private might be good blackmail?
This one is absolutely fascinating. I’ve read previous research before about using various ‘noise’ to ascertain what is going on, but this is another step beyond that:
Again, not completely new, just evolution of the idea, and with easy online markets for buy cheap chargers how many out there could have an alternative objective?
The really sad stuff: