Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

The Voice Assistant Gambit →

September 11, 2017 by Marc Handelman in All is Information, Alternate Attack Vectors, Alternate Attack Analysis, Physical Security, Information Security, Signals, Communication Security, Communications, Hardware Flaws, Hardware Security

Nicole Kobie, writing at New Scientist, tells the tale of newly researched voice assistant attack vectors leveraging signalling flaws (via an ultrasound attack) within both Apple Inc.'s (NasdaqGS: AAPL) and Amazon.com Inc.'s (NasdaqGS: AMZN) voice assitant offerings Siri and Alexa, respectively. The 'Dominoe Effect' of the ultrasound flaws in these products/services traverses down the device foodchain to Alexa and soo-to-be Siri enabled third party devices... Perhaps new protective sound generating devices are in order?

All Amazon and Apple Links in this Post are Non-affiliate

September 11, 2017 /Marc Handelman
All is Information, Alternate Attack Vectors, Alternate Attack Analysis, Physical Security, Information Security, Signals, Communication Security, Communications, Hardware Flaws, Hardware Security

DEF CON 25, Dan Petro's & Ben Morris' 'Weaponizing Machine Learning' →

August 15, 2017 by Marc Handelman in All is Information, Alternate Attack Vectors, Conferences, Brilliant, Education, Information Security, Machine Learning
August 15, 2017 /Marc Handelman
All is Information, Alternate Attack Vectors, Conferences, Brilliant, Education, Information Security, Machine Learning

Deoxyribonucleic Acid, Malware Edition →

August 14, 2017 by Marc Handelman in Alternate Attack Vectors, Biomimetic Malware Attack, Malware, Information Security

via the illustrative writing of John Timmer at ArsTechnica, we learn of the latest malware infect vector - encoded malware within the genomic strands of Deoxyribonucleic Acid (DNA). Has the Fear set in?

August 14, 2017 /Marc Handelman
Alternate Attack Vectors, Biomimetic Malware Attack, Malware, Information Security

Le Rogue →

July 12, 2017 by Marc Handelman in Supply Chain Security, Alternate Attack Vectors, Devices, Information Security, Device Security, Attack Vectors, All is Information

Rogue replacement parts concept. H/T

July 12, 2017 /Marc Handelman
Supply Chain Security, Alternate Attack Vectors, Devices, Information Security, Device Security, Attack Vectors, All is Information

Google Complicit In Fake Google Maps Site Listings? →

April 19, 2017 by Marc Handelman in Advertising, All is Information, Alternate Attack Vectors, Crime, Web Security, Information Security

Is Google Inc. aka Alphabet Inc (NasdaqGS: GOOG) complicit in the enormous numbers of fake links (of which, redirect users to false and/or fraudulent sites) in Google Maps? Of course they are, as, by definition, they own it. What's worse, the company possesses the in-built capability to police those links to protect it's users, but does not - in reality - do so.

April 19, 2017 /Marc Handelman
Advertising, All is Information, Alternate Attack Vectors, Crime, Web Security, Information Security
3437692-televizor-tesla-z-r-1957-6.jpeg

Carrier Wave Hack →

April 04, 2017 by Marc Handelman in All is Information, Alternate Attack Vectors, Information Security, Signals

This reported exploit lands solidly embedded in the hard-to-locate-but-you'll-know-it-when-you-see-it genre of the Surreal Attack Vectors, while Dan Goodins' writing of the exploit is this week's inimitable MustRead... The key aspect of this exploit is to note that notwithstanding all is information, in this case, that information utilizes carrier waves to deliver it's payload, so-called air gaps no longer exist as a safety buffer.

April 04, 2017 /Marc Handelman
All is Information, Alternate Attack Vectors, Information Security, Signals