Researchers at the School of Cyber Security at Korea University, Seoul, have presented a new covert channel attack named CASPER can leak data from air-gapped computers to a nearby smartphone at a rate of 20bits/sec. The CASPER attack leverages the internal speakers inside the target computer as the data transmission channel to transmit high-frequency audio that the human ear cannot hear and convey binary or Morse code to a microphone up to 1.5m away. The receiving microphone can be in a smartphone recording sound inside the attacker’s pocket or a laptop in the same room.
Lending protocol Euler Finance was hit by a cryptocurrency flash loan attack on Sunday, with the threat actor stealing $197 million in multiple digital assets. The cryptocurrency theft involved multiple tokens, including $8.75 million worth of DAI, $18.5 million in WBTC, $33.85 million in USDC, and $135.8 million in stETH. The attacker‘s ETH wallet used to store the stolen funds is being tracked, so it will be challenging for the perpetrator to move the stolen funds around and convert them to a usable form.
The Housing Authority of the City of Los Angeles (HACLA) is warning of a “data security event” after the LockBit ransomware gang targeted the organization and leaked data stolen in the attack. HACLA is a state-chartered agency that provides affordable housing to low-income individuals and families in Los Angeles, California. The government agency, which operates on an annual budget of $1 billion, also provides job training and education to help eligible families achieve self-sufficiency and improve their quality of life.
Ring, a home security and smart home company owned by Amazon, has reportedly suffered a ransomware attack by Russia-linked ALPHV group, according to a tweet by VX-Underground. The ALPHV ransomware group, also known as BlackCat, has posted the company’s logo on its website along with a message that reads, “There’s always an option to let us leak your data.” The group has threatened to leak the stolen data if the company refuses to pay the ransom.
On the face of it, the Twitter profile of a person calling herself Sara Shokouhi looks like any other earnest Middle East-focused researcher. Her tweets are a litany of retweets of various voices protesting the Iranian government. Her bio claims she’s completed a PhD from Northwestern State University of Louisiana. At the top of her profile, the person calling herself Sara Shokouhi peers into the camera with her hands folded over a stack of books.
India’s Enforcement Directorate is investigating “several” crypto cases for money-laundering schemes and has seized $115.5 million to date in such crimes, the Ministry of Finance said, the latest in a series of crackdown by the authorities on the nascent space that is already reeling from the tremulous market conditions. The Indian crime fighting agency has also arrested five individuals in crimes abetted by cryptocurrency and in the past sent a show cause notice to local exchange WazirX and its directors for crypto transactions exceeding $338 million, the ministry said.