News & Press

Submitted by Mordechai Guri on Wed, 29/06/2016 - 23:45

Fansmitter: Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers

Because computers may contain or interact with sensitive information, they are often air-gapped and in this way kept isolated and disconnected from the Internet. In recent years the ability of malware to communicate over an air-gap by transmitting sonic and ultrasonic signals from a computer speaker to a nearby receiver has been shown. In order to eliminate such acoustic channels, current best practice recommends the elimination of speakers (internal or external) in secure computers, thereby creating a so-called 'audio-gap'.

Submitted by Cyber Security ... on Mon, 23/03/2015 - 14:31

BitWhisper: The Heat is on the Air-Gap

UPDATE 30 Mar 2015: A draft of the research paper is available for download here

Submitted by Cyber Security ... on Sun, 02/11/2014 - 20:23

Can We Rely on an Air-Gap to Secure our Critical Systems?

Following our recent disclosure on how to breach air gap security with a simple mobile phone and RF emitted from the air-gapped computer we wanted to provide some overview on the topic.

The following is a lecture by Prof. Yuval Elovici, the head of the cyber security research labs, on air gap security, latest threats and developments.

Submitted by Cyber Security ... on Tue, 28/10/2014 - 09:22

How to leak sensitive data from an isolated computer (air-gap) to a near by mobile phone - AirHopper

Security researcher Mordechai Guri with the guidance of Prof. Yuval Elovici from the cyber security labs at Ben-Gurion University in Israel presented at the 9th IEEE International Conference on Malicious and Unwanted Software (MALCON 2014), at Puerto Rico, a breakthrough method (“AirHopper) for leaking data from an isolated computer to a mobile phone without the presence of a network. In highly secure facilities the assumption today is that data can not leak outside of an isolated internal network.

Submitted by Cyber Security ... on Tue, 11/03/2014 - 15:20

Mobile Malware Detection through Analysis of Deviations in Application Network Behavior

Recently an exciting research on the topic of malware detection based on mobile networking activities analysis has been accepted to the lucrative Computers & Security journal. The paper was written as part of a project sponsored by Telekom Innovation Labs which dealt with different Android security solutions.

In simple words (though you'll need to get the full version to see all the exciting revelations and achievements) we built a technology which is able to detect malware activity based only on analyzing the network traffic coming out from a mobile handset (Android).

Submitted by Cyber Security ... on Mon, 03/03/2014 - 15:24

Titanium, a Brain-Child of the Cyber Security Research Center @ Ben-Gurion University Won 1 Million$ in JVP's Cyber Competition on RSA Conf.

JVP, Israel's leading VC firm and the largest early-stage cyber-security investor in Israel, announced today that Titanium Core, an innovative startup that protects mission-critical infrastructure, has won JVP's first ever “Cybertition” cyber-security startup competition. Titanium will receive a $1M Investment and a spot in JVP Cyber Labs incubator based in the growing cyber epicenter in Beer-Sheva.

Submitted by Cyber Security ... on Tue, 18/02/2014 - 13:33

Pictures from Cybertech 2014

Here are some nice pictures from our booth at the Cybertech show:

Submitted by Cyber Security ... on Mon, 27/01/2014 - 14:12

Active VPN Bypass on Android KitKat - Disclosure Report

Following our second vulnerability report where we demonstrated an active VPN bypass on Android Jelly Bean 4.3 we have decided to further investigate the existence of the vulnerability on Android KitKat 4.4. At first we could not reproduce it with the original vulnerability code since KitKat has a modified security implementation.