Air-Gapped Networks Vulnerable to Acoustic Attack via LCD Screens

In the "PixHell" attack, sound waves generated by pixels on a screen can transmit information across seemingly impenetrable air gaps. [TechWeb]( Follow Dark Reading: [RSS]( September 12, 2024 LATEST SECURITY NEWS & COMMENTARY [Air-Gapped Networks Vulnerable to Acoustic Attack via LCD Screens]( In the "PixHell" attack, sound waves generated by pixels on a screen can transmit information across seemingly impenetrable air gaps. [Hackers Proxyjack & Cryptomine Selenium Grid Servers]( A vendor honeypot caught two attacks intended to leverage the tens of thousands of exposed Selenium Grid Web app testing servers. [Remote Access Sprawl Strains Industrial OT Network Security]( A veritable grab bag of tools used to access critical infrastructure networks are wildly insecure, and they're blobbing together to create a widening attack surface. [Amateurish 'CosmicBeetle' Ransomware Stings SMBs in Turkey]( With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware. ['Ancient' MSFT Word Bug Anchors Taiwanese Drone-Maker Attacks]( An attack dubbed "WordDrone" that uses an old flaw to install a backdoor could be related to previously reported cyber incidents against Taiwan's military and satellite industrial supply chain. [How Law Enforcement's Ransomware Strategies Are Evolving]( The threat of ransomware hasn't gone away. But law enforcement has struck a blow by adjusting its tactics and taking out some of the biggest adversaries in the ransomware scene. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Mustang Panda Feeds Worm-Driven USB Attack Strategy]( A fresh wave of attacks on APAC government entities involves both self-propagating malware spreading via removable drives and a spear-phishing campaign. [Cyber Staffing Shortages Remain CISOs' Biggest Challenge]( Besides operational issues connected to a talent shortage, the cost of running security platforms — and their training costs — also keeps CISOs up at night. [Platform Engineering Is Security Engineering]( For modern applications built on Kubernetes and microservices, platform engineering is not just about building functional systems but also about embedding security into the fabric of those systems. [MORE]( PRODUCTS & RELEASES [Poppy Gustafsson to Step Down As CEO of Darktrace; Jill Popelka Appointed Successor]( [Xiphera Develops Quantum-Resilient Hardware Security Solutions for Space]( [AppCD Closes $12.3M Seed Round and Rebrands to StackGen]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Microsoft Discloses 4 Zero-Days in September Update]( This month's Patch Tuesday contains a total of 79 vulnerabilities — the fourth largest of the year. LATEST FROM THE EDGE [UnDisruptable27 Project Wants to Shore Up Critical Infrastructure Security]( The Institute for Security and Technology's UnDisruptable27 project connects technology firms with the public sector to strengthen US cyber defenses in case of attacks on critical infrastructure. LATEST FROM DR TECHNOLOGY [SOAR Is Dead, Long Live SOAR]( Business intelligence firm Gartner labels security orchestration, automation, and response as "obsolete," but the fight to automate and simplify security operations is here to stay. LATEST FROM DR GLOBAL [Dark Reading Expands Its Coverage to the Asia-Pacific Region]( The latest step in a journey to serve cybersecurity professionals in other regions of the world. WEBINARS - [Harnessing the Power of Automation to Boost Enterprise Cybersecurity]( - [How to Evaluate Hybrid-Cloud Network Policies and Enhance Security]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Anatomy of a Ransomware Attack]( - [Evolve Your Ransomware Defense]( - [RevealX Catches Ransomware Within Days of Deployment at WCH]( - [SANS 2024 Security Awareness Report]( - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( - [Ten Elements of Insider Risk in Highly Regulated Industries]( - [Decode the New SEC Cybersecurity Disclosure Ruling]( [View More White Papers >>]( FEATURED REPORTS - [Managing Third-Party Risk Through Situational Awareness]( - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=125668&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_09.12.24&sp_cid=55039&utm_content=DR_NL_Dark%20Reading%20Daily_09.12.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#d5 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)