Prototype pollution project yields another Parse Server RCE
Bug Bounty Radar
The latest programs for February 2023
All Day DevOps
AppSec engineer keynote says Log4j revealed lessons were not learned from the Equifax breach
A rough guide to launching a career in cybersecurity
A schedule of events in 2022 and beyond
GhostTouch: Hackers can reach your phone’s touchscreen without even touching it
New research shows how electromagnetic interference can be used to trigger arbitrary behavior on mobile touchscreens, although caveats apply
Some attacks on smartphones require physical access to the device and interactions with the touchscreen. So your phone is more or less safe as long as no one touches it, right? Wrong, according to a new research paper by security researchers at Zhejiang University, China, and the Technical University of Darmstadt, Germany.
To be presented at the Usenix Security Symposium in July, the paper (PDF) introduces GhostTouch, a type of attack that can execute taps and swipes on the phone’s screen from a distance of up to 40 millimeters.
According to the researchers’ findings, an attacker can use GhostTouch to carry out several types of malicious actions, including initiating calls and downloading malware .
Today’s smartphones and tablets use capacitive touchscreens that provide multi-touch capabilities and can measure small electric fields. However, capacitive touchscreens are sensitive to the environmental impact of electromagnetic interference (EMI) and charger noise.
Read more of the latest hacking news from around the world
Previous studies show that EMI can disrupt the user experience of touchscreens and possibly cause random and harmful behavior. In one case, a phone that was placed on a charger booked a very expensive hotel room because of EMI signals.
In creating GhostTouch, the researchers wanted to see if they could use EMI to create controllable touch events and trigger arbitrary behavior on capacitive touchscreens.
Manipulating the touchscreen
The core idea behind GhostTouch is to interfere with the capacitance measurement of touchscreens using electromagnetic signals injected into the receiving electrodes integrated into the touchscreen.
The researchers created a technology stack composed of a waveform generator that creates the EMI signal and an antenna that transmits it to the phone’s touchscreen. A phone locator module determines the exact location of the phone’s screen and calibrates the signals to specific locations.
GhostTouch is a targeted attack . The adversary must know the model and make of the victim’s phone in order to tune the equipment. The attacker might also need extra information about the phone, such as the passcode, which they must acquire through social engineering or ‘shoulder surfing’.
DON’T MISS Dozens of high-traffic websites vulnerable to ‘account pre-hijacking’, study finds
The main scenario for the attack is public places like cafes, libraries, or conference lobbies, where people might place their smartphones face-down on a table. The attacker will have embedded the attack equipment under the table to launch attacks remotely.
The researchers tested several actions with GhostTouch, including answering the phone, pressing a button, swiping up to unlock, and entering a password . For example, if the victim’s phone is on silent mode, an attacker may call the victim and use GhostTouch to answer the call without alarming the victim, and then eavesdrop on a private conversation.
In another scenario, the attacker may send a malicious link to the victim’s phone and use GhostTouch to tap on it and download it.
The researchers tested GhostTouch on 11 widely used phone models. They were able to use the attack with varying degrees of success on nine models. For example, they were able to establish a malicious Bluetooth connection on an iPhone SE.
The researchers conclude that although the capacitive touchscreens of smartphones go through thorough electromagnetic compatibility tests and include anti-interference design elements, they are still susceptible to EMI attacks such as GhostTouch.
Several countermeasures were proposed, including reinforcing the touchscreen to protect it against targeted EMI attacks and using an algorithms to detect abnormal touch points.
RECOMMENDED Cybercriminals use reverse tunneling to launch ‘virtually undetectable’ phishing campaigns
We’re going teetotal – It’s goodbye to The Daily Swig
Indian gov flaws allowed creation of counterfeit driving licenses, related stories, password managers part ii, chromium bug allowed samesite cookie bypass on android devices.
How hackers are getting into your phone without a password: ‘ghosttouch’ expert, social links for emily lefroy.
- View Author Archive
- Get author RSS feed
Thanks for contacting us. We've received your submission.
Even phone hackers can work remotely these days.
Researchers from NordVPN have been warning smartphone users to be careful of crafty cybercriminals, claiming they’re using a new technique that allows them to unlock certain smartphones from a distance.
Typically, when phones are hacked it’s done so by installing malware on the device through a charging cable .
Researchers say smartphone users should be aware of the technique, called GhostTouch — urging cell phone users to look out for phones unlocking by themselves.
“GhostTouch is the newest screen hacking attack that allows criminals to hack a user’s phone remotely,” a researcher told TechRader. “In simple terms, attackers use electromagnetic signals to simulate primary touch events like taps and swipes on targeted locations of the touchscreen.”
The researchers say the goal of the hackers is to take remote control of the smartphone to “manipulate it in potentially dangerous ways,” such as accessing the device’s data and passwords, accessing unsafe services or installing malware.
The scheme, called GhostTouch, was discovered by academics from Zhejiang University (China) and the Technical University of Darmstadt (Germany).
To use the GhostTouch method, the hacker would just have to be in close proximity to their intended victim. They could put their equipment in public places to send electromagnetic signals to phones, which experts warn users “may not even notice.”
“Unfortunately, the most common places for touchscreen hacking are public places like libraries, cafes or conference lobbies, where people place their smartphones face-down on the table,” Adrianus Warmenhoven, a cybersecurity expert at NordVPN explained. “The attackers prepare the equipment under the table in advance and launch the attack remotely.”
According to NordVPN, the attack works from a distance of “up to 40 mm,” and the hardware could be placed under the table and used to access the smartphone.
Once the connection is made, the hackers can hack the target smartphone from wherever they are. NordVPN said nine smartphone models have been confirmed so far to be susceptible to the hack, including iPhone SE (2020), Samsung Galaxy S20 FE 5G, Redmi 8 and Nokia 7.2.
Experts say the best way to protect your information against GhostTouch is to make sure your smartphone has a security mechanism, either a PIN code, a swipe pattern or biometrics.
Share this article:
Something went wrong. Wait a moment and try again.
What Is Screen Hacking and How Can You Protect Yourself?
Hackers could access your device, install malware, and access personal data via lock screen hacking, also known as ghost touch. But what is it?
You may have heard the term "screen hacking" before, but might not be sure what it means. Screen hacking or touch screen hacking is a type of cyberattack that involves taking control of someone's smartphone or computer touchscreen without their permission.
By taking control of your touchscreen, attackers can perform various malicious tasks. Cyberattackers may also use it to gain access to sensitive information such as passwords and usernames.
So what does screen hacking entail? And most importantly, how can you protect yourself from it?
What Is Lock Screen Hacking?
Screen hacking is usually done by taking advantage of a device's touchscreen. Attackers may be able to access the screen remotely, or they may physically interact with it and exploit weaknesses in the hardware or software. This is done by taking advantage of electromagnetic interference (EMI) , the process by which electrical signals can be detected and manipulated. Since touchscreen devices contain a variety of electrical signals, this makes them vulnerable to EMI. Screen hacking may also involve exploiting flaws in the device's operating system or hardware design.
Using EMI, the hackers can remotely introduce false touch points into a touchscreen of the device and can control the device without actually touching it.
Once hackers gain access to your screen, they can perform various malicious activities such as changing your lock screen password, accessing sensitive data, installing malware, and more.
What Is Ghost Touch?
Ghost touch, also called screen tapping or phantom touch, is a type of touch screen hacking that involves using a small device (e.g. a smartphone, tablet, or laptop) to control the activity on another device's screen. This is when a hacker uses EMI to simulate a false finger or object on the touchscreen and can control it without physical contact.By controlling the movements of the touch screen, hackers can access sensitive information like passwords and personal data without leaving any physical traces of their presence. Ghost touch can also be used to initiate hacker attacks, such as making purchases without the owner's knowledge or accessing financial accounts.
Ghost touch problems aren't always due to hackers , but can be indicative of malicious activity.
How Is Screen Hacking Executed?
Here are the steps cyberattackers take to conduct touchscreen hacking successfully.
Step 1: Search for a Suitable Place
Hackers will search for a public place where they have access to a device's screen. This could be in an airport lounge, coffee shop, library, or even on a train. In such places, they are able to use EMI to access the touch screen of the devices which are kept on the table with their screen facing towards the table.
Step 2: Install the EMI Equipment
Once the hacker finds a suitable location, they install their EMI equipment. This consists of an antenna and amplifier, creating magnetic signals that can be used to interfere with the electromagnetic field of the touchscreen device.
Step 3: Send Electromagnetic Signals
The hacker then sends out electromagnetic waves at specific frequencies in order to interfere with the touchscreen's signals and generate false touches on the screen in order to gain control of it. Attackers can inject electromagnetic impulses into the touchscreen's electrodes to cause the events to be recorded as touch events.
Step 4: Access the Device
Once the hacker has captured and interfered with the device's electromagnetic field, they can gain access to it and take control. This allows them to perform various malicious activities.
What Can Attackers Do Using Screen Hacking?
Screen hackers can do a variety of malicious activities on the device, such as:
- Receive or make calls : Hackers can access the device's phonebook and dial numbers to make calls or receive incoming calls.
- Launch malicious websites using the keyboard : The hacker can launch a malicious website or web page and then type out commands on the keyboard.
- Install malware : Intruders can install malware onto the device without the user's knowledge, allowing them to gain access to confidential data.
- Intercept messages : The cyberattacker can use screen hacking to intercept, read, write, and delete messages from the device.
- Access contact information : Attackers can also gain access to a device's contacts, including email addresses and phone numbers.
- Access social media accounts : Screen hackers can access the user's social media accounts and post messages or malicious links.
What Are the Indications of Screen Hacking?
It is difficult to detect screen hacking in its early stages as the hacker does not leave any physical evidence. However, there are some warning signs that you can look out for if you suspect your device has been hacked.
When setting up a new device, for instance, users usually save their preferences and settings. If you notice any changes to these settings, it could indicate that your device has been hacked. Similarly, if you notice any uncharacteristic messages or calls, it is possible that a hacker has accessed your device.
Screen hackers can use up large amounts of data in order to control the device. If you notice unusually high data usage, something malicious might be running.
And if your device is paired with a Bluetooth device you don't recognize, this, too, could be a sign of screen hacking.
How to Protect Yourself From Screen Hacking
Given the dangers of screen hacking, it is important you take steps to protect yourself and your device from such attacks. Here are some tips that can help.
Use a Secure Unlocking Method
The most effective way to protect your device from screen hacking attacks is to use a secure unlocking method. If your phone supports biometric authentication such as fingerprint or face recognition, make sure you use that instead of a pattern or PIN.
Enable Two-Factor Authentication
Two-factor authentication (2FA) is an additional layer of security for your device, which requires you to enter a code sent to your device or phone number in addition to your password. 2FA ensures that even if someone has your password, they will not be able to gain access without the additional code.
Be Careful in Public Places
When using your device in public places, take extra precautions to ensure that your device's screen is not exposed. Avoid leaving your phone unattended and keep it out of sight when you are not using it.
Use Non-Magnetic Cases
When using a smartphone, laptop, or tablet in public, consider investing in a non-magnetic case. This can help to protect your device from malicious actors who may be trying to gain access via screen hacking.
Beware of Lock Screen Hacking
Lock screen hacking can be devastating, so it is important you take steps to protect yourself. It is essential that you use a secure unlocking method, enable two-factor authentication, take extra care in public places, and invest in non-magnetic cases for your devices. By following these tips, you can ensure that screen hacking will not be an issue.
Scientists have found a way to hack smartphones through Ghost Touch
Scientists from Zhejiang University (China) and Technical University of Darmstadt (Germany) have discovered a circuit that allows you to simulate commands for touch displays using electromagnetic signals – it was called GhostTouch, which means “ghost touch”.
Image source: Gerd Altmann / pixabay.com
With GhostTouch, a hypothetical attacker can unlock the phone and access sensitive data stored on it, including passwords and banking applications. They can also install malware. The system also imposes significant restrictions: the equipment for its implementation must be at a distance of up to 40 mm from the victim’s smartphone. If desired, this will not stop the attacker – he can place the device at the back of the table in a library, coffee shop or conference room, i.e. where smartphones are usually laid out. After that, the attack can be carried out from a distance.
At least nine smartphone models were found to be affected by GhostTouch vulnerabilities, including the 2020 iPhone SE, Samsung Galaxy S20 FE 5G, Redmi 8 and Nokia 7.2. It is worth considering that hacking is not entirely elegant: when implementing the scheme, the user sees how the smartphone is unlocked by itself. Therefore, the best protection against such an attack is to set up a PIN or pattern, or use biometrics.
Apple has introduced a cheaper Pencil stylus with a USB-C port – it costs $79
Apple is official demonstrated Apple Pencil stylus with USB Type-C port. Together with the new connector, the device received the most modest price of the series, but lost some of the features that the second generation stylus had. Image source:...
Apple iPhone 15 Pro and Pro Max owners complained about OLED screens burning out quickly
The Apple iPhone 15 Pro and Pro Max smartphones are only a month old, but the internet is already News is circulating about cases of ultra-fast burnout of OLED screens of expensive new products. The problem arose shortly after overheating was...
The third quarter was the worst for the smartphone market in ten years.
Published by specialists Counterpoint research Statistics on smartphone sales in the third quarter of this year suggest that this period was the worst of all third quarters in the last decade. At the same time, smartphone sales, although down 8%...
Apple will unveil updated iPad tablets and the Pencil 3 stylus this week, but that’s not certain
This week Apple could unveil several new products to the general public. According to the release The edgeThe company is preparing to release updated versions of its iPad, iPad Air and iPad Mini tablets. At the same time, the resource is 9to5Mac...
The iPhone 15 recorded its worst sales start in five years in China, while Huawei sales, on the contrary, rose sharply
According to two analyst studies cited by the Bloomberg news agency, demand for iPhone 15 smartphones in China was significantly lower in the first weeks of sales than for their predecessors. With the decline in interest in Apple devices comes an...
About the author
Johnson Smith is interested in Home Theater & Audio, Smart Tech, Google News & Products, How To, Apple News & Products, Cell Phones, Automotive Technology.
Save my name, email, and website in this browser for the next time I comment.
AMD introduced another competitor to the GeForce RTX 4060 – the Radeon RX 6750 GRE starting at $269
NVIDIA has released a driver with DLSS 3 support for Naraka: Bladepoint and Warhammer: Vermintide 2
ASUS ROG Z790 boards have learned to dynamically overclock DDR5 depending on the temperature of the modules
Google and Qualcomm will develop a platform for smartwatches based on RISC-V architecture
Viral video sparks WiFi security debate: ghost touch or hacking?
Is your phone possessed or just glitching decoding the mystery of ghost touches, at a glance.
A video has gone viral, showing a phone apparently operating on its own after connecting to a public WiFi network, which raised concerns about public WiFi security.
"Ghost touch" is a phenomenon where a phone's screen registers touches that the user didn't make. This can be due to various reasons like faulty digitizers, hardware issues, outdated software, or external factors like dirt and overheating.
If someone experiences a ghost touch, they can try several solutions: restarting the phone, removing screen protectors, cleaning the screen, updating the software, performing a factory reset, or seeking professional repair.
The video reignited the debate about the inherent risks of using public WiFi networks. These networks can lack proper security, making it easy for hackers to intercept transmitted data, particularly during sensitive operations like online shopping or accessing bank accounts.
A video that recently went viral on social media is raising alarms about the potential dangers of using public WiFi. The footage shows a phone that seems to operate on its own, tapping and inputting touches without any manual intervention from its owner.
The video's narrator claims that the erratic behavior began after connecting the device to a public WiFi network. The implication is that the phone may have been hacked, with some users who saw the video suggesting that a malicious entity might be controlling the device remotely.
However, I believe that there is a possibility that the phenomenon may actually be a case of "ghost touch." I have experienced this before, and the experience was scary as I thought a hacker was remotely controlling my phone.
Ghost touch is a problem that occurs when your phone screen registers touches that you didn't initiate. This can cause your phone to open apps by itself, randomly tap on buttons, or even scroll through pages without you touching them.
There are a few possible causes of this problem. The most common cause of ghost touch is a faulty digitizer. The digitizer is the part of the phone that detects your touch inputs. If damaged, it can register touches you didn't make. Other hardware problems that can cause ghost touch include a cracked screen, a loose connector, or a bad battery.
In some cases, ghost touch can be caused by a software problem. This is more common on older phones or phones that still need to be updated to the latest software. Software problems can be fixed with a software update or factory resetting your phone.
If dirt or debris is under your phone's screen, it can cause a ghost touch. This is especially common if you have a screen protector. Make sure to regularly clean your phone's screen with a soft, damp cloth.
If your phone overheats, it can cause the digitizer to malfunction and register ghost touches. Please avoid using your phone in hot environments or while charging it.
If you are experiencing ghost touch, there are a few things you can try to fix it:
- Restart your phone. This may fix the problem if a software glitch causes it.
- Remove your screen protector. If you have a screen protector, try removing it to see if that fixes the problem.
- Clean your phone's screen. Use a soft, damp cloth to clean your phone's screen and remove dirt or debris.
- Update your phone's software. If your phone is not up to date, it may have a software problem that is causing ghost touch.
- Factory reset your phone. This will erase all your data but may fix the ghost touch problem.
- Take your phone to a service center. If you have tried all of the above and are still experiencing ghost touch, it may be a hardware problem requiring professional repair.
Back to the viral video. Regardless of the exact nature of the phone's erratic behavior, the viral video has ignited a renewed conversation about the inherent risks of connecting to public WiFi networks. I have been giving warnings in the past about the vulnerabilities of public networks, especially when conducting financial or sensitive transactions.
Public WiFi networks often lack adequate security measures, leaving them more susceptible to breaches and making connected devices potential targets for hackers. Malicious entities can easily intercept data transmitted over unsecured networks. As a result, using public WiFi for tasks like online shopping, accessing bank accounts, or even checking emails can expose users to significant risks.
If you need to use public WiFi, here are the things that you need to consider doing:
Using a VPN: Virtual Private Networks encrypt data, making it more difficult for hackers to intercept sensitive information.
Turning off sharing: Make sure to disable file and printer sharing in the device settings.
Forget the network afterward: Ensure your device doesn't automatically connect to the network in the future.
Always visit secure websites: Ensure that the sites you visit start with 'https' rather than 'HTTP'.
Use Multi-Factor Authentication: Enable MFA for accounts to add an additional layer of security.
While the viral video's claim remains a subject of debate, its broader message resonates with established cybersecurity guidelines. Regardless of whether the depicted incident is a result of hacking or a hardware malfunction, the potential risks of public WiFi should not be underestimated.
- Data Breach
- Cyber Tools
Threat Actors Abuse Discord to Blend Within Organizations’ Network Traffic
Threat actors abusing 404 pages to hide credit card stealing malware, lazarus apt laundered over $900 million worth of cryptocurrency, qakbot threat actors deliver knight ransomware & remcos via lnk files, hackers hijacking microsoft sql servers to compromise azure environments, pro-russia hacker groups exploiting winrar flaw to steal login credentials, toddycat apt hackers exploiting vulnerable microsoft exchange servers, junos os flaw allows attackers to flood system and expose sensitive data, google chrome use-after-free flaw let attackers perform heap exploitation, multiple citrix netscaler flaw leads to dos attack and data exposure, promptmap – tool to test prompt injection attacks on chatgpt instances, researchers uncovered a new flaw in chatgpt to turn them evil, fraudgpt: a new dark side ai tool for cyber criminals, google outlines common red team attacks targeting ai systems, wormgpt: cybercriminals ai tool gained over 5,000 subscribers in just a week, hackers steal user’s database from european telecommunications standards institute, blacktech apt hackers break into cisco firmware to attack the us and japan, millions of newborn registry records were compromised in a moveit data breach, t-mobile app glitch exposes other user’s sensitive data, forever 21 systems hacked: 500,000+ users affected, most important network penetration testing checklist, top 9 best remote desktop software for 2023, 10 best linux distributions in 2023, top 10 best linux distro operating systems for ethical hacking & penetration testing – 2023, 10 best wifi hacking apps for android – 2023 edition, newly discovered tap ’n ghost attack let hackers to remotely control android smartphones.
A new attack dubbed Tap ‘n Ghost targets NFC enabled Android smartphones, let attackers to trigger malicious events on the victim’s smartphone and to take control over the smartphone remotely.
Nowadays, smartphones are used to interact with several networking devices that include wireless headphones, fitness devices, contactless payment systems, and other devices.
To connect with the networking devices smartphones are shipped with a number of cellular networks such as Wi-Fi, Bluetooth, and NFC. The new attack leverages the Near Field Communication (NFC) implementation of the Android OS version 4.1 or later.
Researches from Waseda University proposed the Tap ’n Ghost attacks, and their survey with 300 respondents and a user study involving 16 participants shows that the attack is realistic.
Tap ’n Ghost Attack Techniques
With Tap ’n Ghost, researchers derived two attack techniques which let hackers trigger malicious events on the victim’s smartphone.
Tag-based Adaptive Ploy (TAP)
TAP attack works with a web server, it makes use of device fingerprinting and comprises NFC tag emulator and a single board computer with a Wi-Fi controller installed.
Once the victim phone comes near to the emulator, it reads the tag and launches the browser to open the malicious URL recorded in the NFC tag and the website employees the device fingerprinting about the victim device, based on the information computer determines the tag suited for the victim’s device.
“TAP system performs tailored attacks on the victim’s smartphone by employing device fingerprinting; e.g., popping up a customized dialog box asking whether or not to connect to an attacker’s Bluetooth mouse.”
Ghost Touch Generator
The attack relies on scattering the events around the original touch area, even if the victims want to touch a cancel button to disconnect from malicious Wi-Fi, the attack can make the system recognize as the touch of connect button.
“Ghost Touch Generator forces the victim to connect to the mouse even if she or he aimed to cancel the dialog by touching the “cancel” button; i.e., it alters the selection of a button on a screen,” reads the report .
The attack will succeed if it meets the following conditions
- The smartphone comes with Android OS.
- The smartphone is equipped with NFC.
- The victim has enabled the NFC functionality.
- The smartphone’s touchscreen controller is attackable with Ghost Touch Generator.
- The victim has unlocked the smartphone when she or he brings it close to the Malicious Table.
- Ghost Touch Generator attack has succeeded.
Attackers could use this new attack method to launch targeted attacks; a successful attack let hackers steal confidential information from the company.
These attacks can be prevented if the user authentication process is added before the Android OS launches applications recorded in an NFC tag.
Researchers noted that some touchscreen controllers stopped working when a strong electric field was applied. Although these observations are not conclusive, we conjecture that the manufactures of these controllers may have installed mechanisms to stop the controllers upon detection of external noises.
“Our attack is a proof-of-concept; we provide possible countermeasures that will thwart the threats. We believe that the concept of our attacks sheds new light on the security research of mobile/IoT devices,” researchers concluded.
You can follow us on Linkedin , Twitter , Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
Free tool to Check Website Security, Mobile app, SSL Security & Phishing Test
Hackers Abuse GitHub Service to Host Variety of Phishing Kits to Steal Login Credentials
Google to Block Logins From Embedded Browser Frameworks to Protect From Phishing & MitM Attacks
- Ghost Touch
- Tap ’n Ghost Attack
Centralized Patch Management
Managed WAF Protection
Latest articles, xorddos infects linux devices and uses them to carry out ddos attacks, researchers uncovered the hack of a private power station in israel, agenttesla stealer delivered via weaponized pdf and chm files, microsoft to kill ntlm and expand kerberos authentication, hackers using remote admin tools to compromise organizations with ransomware, container security in a gitops environment.
API Security Webinar
Why api security should be your top priority: critical insights inside.
API security isn't just a priority; it's the lifeline of businesses and organizations. Yet, this interconnectivity brings with it an array of vulnerabilities that are often concealed beneath the surface.Overlooking API security can have monumental repercussions, jeopardizing data integrity, privacy, and even the very existence of your digital infrastructure.
Xorddos infects linux devices and uses them to carry out ddos..., connect with gbhackers on security, join 70,000 security professionals.
Stay safe online with free daily cybersecurity updates. Sign up now!
GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.
[email protected] [email protected] [email protected]
- Identity Theft
- Data Breaches
- Data Privacy
- Public Records
What Is Screen Hacking and How Can You Protect Yourself?
Table of contents.
- Screen Hacking
- EMI Sources
- GhostTouch Hacking Setup
- Touch Injector
- Phone Locator
- Protection From Screen Hacking
- Keeping Your Device Safe
- By Greg Brown
- Mar 06, 2023
Touchscreens revolutionized technology, enabling users to interact with tablets, smartphones, and computers. The first touch screen, invented in 1965, was a capacitive touchscreen. A single layer of glass was coated with a transparent conductor, such as iridium tin oxide, and the user’s finger created an electrical charge. Eric Johnson patented his novel design a year later; the rest is history.
The real value of touchscreen technology has yet to be experienced. Considering where computers and smartphones stand now, think about 10 or 20 years from now.
Touch screens respond to small electrical bits of current, usually from a finger or stylus pen. In the case of screen hacking or ghost touching, hackers control the touches and, therefore, the screen and operating system.
- Capacitive touch is used on tablets, smartphones, and many medical and industrial displays. Capacitive touchscreens react to the static electricity in a person’s fingers. These screens are extremely sensitive and can register a precise touch.
- Resistive touchscreens create an electrical charge between two thin plastic or glass layers. A tap is registered when the two layers meet. Resistive screens react to pressure, making them ideal for environments with high amounts of radiation.
No matter the electronic device or screen, an ingenious hacker can always find a way into the operating system.
Cyberattacks invariably lash out at vulnerable hardware and software systems or unwitting users with the same tactics used by every other attack group. Undoubtedly, the most ingenious and successful hackers use old technology to circumvent new and innovative computer designs.
Screen hacking or ghost touch involves taking control of a user’s smartphone or computer touch screen using EMI or electromagnetic interference .
Most of us have only heard of EMI in science fiction movies when it is time to beam you up or face universal armageddon. EMI, also called radio frequency interference, is an electromagnetic disturbance generated by an external source. The disturbance obstructs or degrades the effective performance of electrical or electronic equipment.
A common occurrence of EMI that most of us have experienced; is when a cell phone is placed near audio equipment which causes static noise or beeps to be heard.
Electromagnetic sources can be natural or man-made. In general terms for the broad category of EMI, there are three primary sources:
- Natural EMI is caused by solar flares, lightning, or rainstorms with enough power to overwhelm electronic devices.
- Inherent EMI is when an electronic device’s internal components generate interference.
- Man-made EMI is generated by a device created by humans, such as radar systems, high-voltage power lines, and telecommunication towers.
Elite hackers use small devices in public places such as airports or shopping malls to take control of a touch screen. Hackers introduce false touch points on the screen, controlling the device without touching it. Once control has been established, the device belongs to the hacker.
The core idea for hackers is to execute essential touch events, such as taps or swipes into specific touchscreen locations. The goal is to take control and steal the device.
Depending on the equipment and the hacker, attacks can work from a distance of 40mm. This distance hinges on the premise that the target capacitive touchscreen is sensitive to EMI. Sensitivity of the screen and the EMI injects electromagnetic signals into transparent electrodes built into the touchscreen. Sensitivity signals register the touch events remotely.
The system has two parts, and hackers have built extreme modularity into the components. Hackers set up these systems in high-traffic areas such as cafes, libraries, and airports. Researchers have found that hackers install equipment underneath tables or chairs to launch cyber attacks .
The touch injector inserts taps, swipes, or multi-taps into a target device. The injector includes a signal generator, signal amplifier, receiving antenna array, and the on/off switch. The on/off switch selects the correct antenna array to emit the EMI signal.
The locator identifies the position of the target touchscreen. This second part includes a sensing array antenna, a data acquisition component, and the location calculator.
In the early stages of screen hacking, it isn’t easy to know if your device has been compromised. It is essential to recognize the telltale signs of a hack, no matter the type or source. Screen hacking is particularly insidious because the predator can control your device without the user knowing.
One of the more apparent signs is unauthorized logins. Usually, the owner has no idea they are being hacked until the device has reached its login limit. Screen Hacking is an imprecise method with the hacker using several attempts at getting into the device. Device owners will often receive notification requests from unfamiliar users trying to log into the account or login attempts from different locations.
Another detection sign is unseen or dropped calls. Hackers block incoming calls because of detection. If you notice calls not going through, have a friend call you and make sure you know the time of the call.
If unfamiliar programs or icons appear on your screen, become suspicious. These icons are usually tools the hacker has installed to send malware to the device or your network. A hacker could be at work if you notice odd changes to the device or altered behavior. There could be changes to programs or settings that may seem off.
There are several protective measures to use that entail primarily common sense. Good cyber hygiene should be adopted sooner rather than when you notice something wrong with the device.
- Use a strong password generator for a secure password and multi-factor authentication whenever possible. Always update the device to the latest OS and use the most robust patching software.
- Avoid clicking unknown links, and never open attachments from someone you do not know.
- A trusted VPN is always a good idea to keep files encrypted and your online activities private. VPNs are the best way to keep your device safe. All your data is run through an encrypted tunnel making it impossible to hack the screen.
I am a graduate of the University of Georgia with a degree in business. An enthusiasm for the craft of writing has always been a life-long motivation. Literary skills are tailored toward technology, financial markets, and the random odd topic. Two adult sons, one with Down Syndrome, are the passion of my life. Understanding ignorance and defending my family is an essential part of my thinking process. I enjoy reading, researching the topics I write, Alabama Football, hunting with my boys, and a daily fitness routine that is always being revised.
How To Make Your IG Account Private
There are occasions when it makes more sense to have a private Instagram (IG) account. You might w ... Read More
Windows 10 Privacy Settings You Should Change Now
Privacy is a buzzword we hear a lot these days in the wake of data breaches, Wikileaks, and other ... Read More
How to Delete Your Facebook Account
It might seem absurd to some people who live on Facebook, deleting your Facebook account. But, man ... Read More
How to Change Network From Public to Private On Windows
Privacy has become a major concern for many of us after reading about all the data breaches, hacki ... Read More
Twitter Security and Privacy Settings Made Simple
With data breaches and ransomware intrusions in the news daily, privacy is the word on everyone&rs ... Read More
1 in 4 Americans Fall Victim to Identity Theft. Beat the Statistics. Protect Your Information Start by Running a Free Instant Identity Threat Scan
International travelers at risk following air europa credit card hack.
Air Europa is a Spanish airline that serves travelers from all over Europe, North America, the Caribbean, and Tunisia. The airline welcomes over 430 million fliers each year, with 10,000+ daily flights across the globe.
Florida Courts Bleed Data Following Supposed BlackCat Ransomware Assault
Florida's First Judicial Circuit hosts 33 courts in the Northwest of the state. The region serves over 1.4 million residents, most of whom live within areas heavily impacted by the military.
Hackers Break into Flagstar Bank via Fiserv and MOVEit Vulnerabilities
Flagstar Bank is one of the largest national banks in the country. They operate over 430 branches and 120 banking teams from coast to coast.
Voter Information Stolen in D.C. Board of Elections Data Breach
The nation's capital—Washington, D.C., hosts over 700k+ individuals along the shared border of Maryland and Virginia; within Columbia, an estimated 86.9% of inhabitants can actively vote.
Opportunists Use 23andMe to Expose Jewish Ashkenazi Descendants Online
23andMe is a personal genome and biotechnology company that provides genetic reports to interested clients. 23andMe employs over 800 employees and operates in California.
Chicago Medical Center Notifies 216k+ Patients Following Hacker Data Breach
Community First Medical Center (CFMC) is a medical and nursing facility that serves Chicagoland and Illinois broadly. They employ over 300 individuals who preside over a 299-bed hospital campus.
Weekly Cybersecurity Recap October 6
Cybersecurity experts work daily to protect the public from threat actors. This week, we learned about new threats to medical records and gas stations and received updated statuses.
HCA Healthcare’s Hacking Catches the Attention of the Department of Health and Human Services
HCA Healthcare is a national and international healthcare service provider. Their services span over 180 hospitals and thousands of clinics across 20 states.
Opportunists Sneak into Darkbeam: 3.8 Billion Usernames and Passwords Exposed
Darkbeam is a top-performing cyber vulnerability and threat management provider with less than 25 employees. The company has reported over $1 million of revenue in recent years, with numbers as high as $5 million.
$3,000 of Gas Stolen from Hacked Pumps in Detroit
Detroit is Michigan's largest city, hosting a population of more than 630,000 people. The area is called "Motor City" for its contributions to the automobile industry in the 1950s.
Dictionary Attack: What Is It and How Can You Stop It?
Everybody knows that their passwords should be complex. You shouldn't include personal information like your birth month, hometown, or name.
Types Of Consumer Frauds and Ways To Avoid It
Global consumers have suffered many hardships in recent years: pandemics, historic inflation levels, and rising crime everywhere.
MOVEit Hackers Intercept Data and SSNs from Nuance Communications
Nuance Communications is a Microsoft-owned software solutions provider employing more than 6,500 people. Nuance controls industry-defining AI, which professionals may use to fully automate tasks, such as entering and manipulating medical records.
Weekly Cybersecurity Recap September 29
Data breaches are a huge challenge that modern organizations must deal with today. This week, we learned of several education-related breaches, as well as a few financial breaches.
Accounting Firm Brady Martz and Associates Suffers Huge Data Breach
Brady Martz & Associates is an accounting firm in Crookston, Minnesota. The company offers audits, business valuation, forensic accounts, employee benefit plans, and more.
BMO Bank Loses Customer Data in Recent Data Breach Attack
BMO Bank is the 8th largest bank in the United States, employing over 12,000 individuals. The bank manages more than $3 Billion in annual reserves and works with a huge number of customers as it has over 1,000 physical locations across the country.
Lakeland Community College in Ohio Suffered a Major Data Breach
Lakeland Community College is a public school located in Lake County, Ohio. The school serves approximately 8,700 students at one time and provides over 135 different associate degrees and technical certificates.
Delta Dental of California is Another Victim in the String of MOVEit Data Breaches
Delta Dental of California is a major dental insurance provider throughout one of the largest states in the US. The company is well-known for offering PPO dental insurance policies and other varieties of dental insurance options.
The National Student Clearinghouse Breach Exposed Millions of Students
The National Student Clearinghouse is a research facility that gathers data on students from approximately 22,000 high schools and more than 3,600 different colleges.
Pump-And-Dump Scheme: What Is It And How To Avoid It?
There are a few universal methods by which we fantasize about getting rich. We could win the lottery or inherit a fortune from a long-lost relative.
What Is a Rootkit Malware: Definition and Protection
Modern computers and anti-malware programs are incredibly sophisticated. Their power causes users to believe that any threats will be swiftly detected and dealt with.
Atrium and Novant Health Get Attacked and Patients Suffer in 2023
Both Atrium Health and Novant Health are health organizations that work with a large number of hospitals offering services. These v work with data from thousands of patients and enable standard hospital practices to occur.
Weekly Cybersecurity Recap September 22
This week, we noticed that data breach attackers targeted a substantial number of hospitals. north Carolina patients are being impacted the most currently.
Over 50k TransUnion Customers Exposed in Breach
According to a recent data dump on a hacker forum, credit giant TransUnion was recently the victim of a data breach. It's unclear whether the company itself was breached, but it does appear that TransUnion customers have been compromised.
Non-Profit Save the Children Gets Hit By Ransomware Data Attack
Save The Children is an organization that specializes in helping children live healthy lives. The non-profit works in multiple countries, helping to provide for children's needs, especially in areas affected by war or tragedy.
Many North Carolina Hospitals Suffer From Serious Chain of Data Breaches
North Carolina hospitals were under attack from a streak of data breaches back in May of this year. The breaches resulted in some lost medical and personal information for many facilities throughout North Carolina.
Caesars Entertainment Gets Hacked, Exposing Countless Gamblers
Caesars Entertainment is one of the largest casino companies in the United States and is well-known for its loyalty program. The company serves countless customers in Las Vegas and elsewhere throughout the world.
What is Public Key Infrastructure (PKI)?
Most people navigate the internet with little to no anxiety despite not knowing what goes on behind the scenes. Public Key Infrastructure is one of these background processes that allows everyday users to feel safe online.
What is FISMA Compliance?
The Federal Information Security Management Act (FISMA) was introduced as part of the E-Government Act of 2002. This act required Federal Organizations to implement an information security accreditation process designed to protect government data more efficiently.
Travel Technology Company Sabre Suffers a Vast Data Breach
Sabre is a huge technology company that serves as a powerful travel reservation system for many of the major hotels and airlines in the United States.
Weekly Cybersecurity Recap September 15
This week, data breaches were particularly bad, with attacks impacting travel technology giant Sabre, production giant Johnson and Johnson, and medical company Amerita.
Infusion Company Amerita Suffers a Data Breach Exposing Countless Patients
Amerita and Pharmerica are medical companies that offer services to nursing facilities, hospitals, individuals, and seniors. These companies specialize in infusion treatments but also provide additional medical services.
Popular Gaming Trading Platform Traderie Breached Losing User Data
Traderie is a special trading platform dedicated to enabling Animal Crossing: New Horizons, Roblox, Elden Ring, Diablo, and Rocket League players to buy and sell in-game items with one another.
Johnson and Johnson's Healthcare Service Gets Breached Exposing Many
Johnson and Johnson is a large-scale manufacturing company that provides pharmaceuticals and medical products to companies throughout the world.
What is an SSID and How to Protect It?
In this digital age, staying connected is not just a luxury but an absolute necessity. And at the heart of every wireless connection lies something called an SSID.
What Is a Packet Sniffing and How to Prevent It?
It's difficult to fathom how much information passes through a single website daily. On the extreme side of things, Google, YouTube, and Facebook had 28 billion combined visits in June 2023 alone.
Millions of Users on Freecycle are Compromised in Data Breach
Freecycle is an online platform dedicated to helping its users exchange free goods with one another. Freecycle is designed to help reduce waste by helping people give away their unwanted items instead of throwing them away.
UnitedHealthcare Patients Exposed in An Unexpected Data Breach
UnitedHealthcare is a large insurance company that serves more than 8 million Americans throughout the United States. The company gathers health, personal, and financial information and utilizes all those different data points to provide reliable insurance services.
Weekly Cybersecurity Recap September 8
Each week, new data breaches plague the public. This week, significant healthcare and retail breaches led to substantial data losses for customers and patients throughout the United States.
Cognizant Customers and Select Medicaid and Medicare Patients Exposed in Recent Breach
Cognizant is a massive IT services company with over 300,000 employees and more than $15 Billion in annual revenue. The company helps major corporations with IT services.
Over 700K Indiana Medicaid Recipients Exposed in Data Breach
The Indiana Medicaid program helps state residents who fall into a lower income bracket. These individuals use the program to obtain medical care.
More than 1 Million Callaway Customers at Risk From Security Vulnerability
Topgolf Callaway is a powerful golf company that offers modern golfing entertainment, as well as selling golf equipment in most areas of the world.
Over 500K Customers Exposed in Forever 21 Breach
Forever 21 is a large fashion company that spans across many different countries. Forever 21 has over 540 retail outlets worldwide and approximately 43,000 employees.
What is Segregation of Duties (SoD)?
Far too many businesses today experience issues with fraud or costly mistakes. Learning to prevent these issues makes your business look more professional and stops preventable financial losses from occurring.
What is Data Sovereignty and How to Use It?
Unlocking the potential of data is essential for businesses in today's digital age. However, as companies collect and store vast amounts of valuable information, a critical question arises: Who has control over this data?
Weekly Cybersecurity Recap September 1
Data breaches are becoming more and more of a problem worldwide, and this week, it's especially obvious that they're causing trouble for serious companies.
Medical Food Company Mom’s Meals Suffers Serious Data Breach Exposing More than 1M
Mom's Meals is a food service company that helps provide meals to people who are in need of help. This meal service organization works to deliver food to the homes of individuals who need help with food.
16 Hospitals Lose Data in Prospect Medical Holdings Breach
Prospect Medical Holdings is an umbrella company with over 16 separate hospitals throughout Pennsylvania, California, Rhode Island, and Connecticut.
Millions Potentially Impacted by Blue Cross of Illinois Breach
Blue Bross and Blue Shield of Illinois is the largest insurance company in Illinois, serving over 8.9 million individuals. The company handles a huge amount of medical information and is responsible for ensuring that millions of people have the medical and dental insurance they need.
Over 7 Million Alumni Hit in the University of Minnesota Data Breach
The University of Minnesota is a large research school based in Saint Paul and Minneapolis. The school works with more than 50,000 students annually and protects data from them over time.
What Is An Intrusion Detection System?
Criminals are constantly improving their security probing and penetration tactics. Their efforts make traditional cybersecurity measures more obsolete with every passing day.
What Is a Data Catalog?
A data catalog is a powerful research tool that brings together all the informational resources and stored data that a company has into one easy database that can be searched.
TMX Finance Suffers a Breach Exposing Nearly 5 Million
TMX Finance and related companies are all involved in crisis loans and emergency lending programs. The companies handle financial data for a huge number of individuals throughout the United States, and the different individuals involved with the company could be at risk for this reason.
Weekly Cybersecurity Recap August 25
Data breaches are quickly becoming one of the most damaging crimes committed today and one of the most common. Hackers are stealing valuable information from organizations at a rapidly growing rate, which means your data isn't safe for anyone.
Over 2.6 Million DuoLingo Customers Lose Data to Breach
DuoLingo is a massive language learning service that provides lessons to more than 74 million users around the world. The service offers short language lessons via a set of apps and is designed to help users learn new languages.
Over 95k M&T Bank Customers Lose Data in Recent Breach
M&T Bank was established in 1856 and is one of the largest banks in the US. It is based in Buffalo, New York, and currently has over 1,000 branches in 12 separate states.
Missouri's Medicaid Program and Mizzou Impacted By Recent Data Breaches
The state of Missouri's low-income Medicaid program through the Department of Social Services is responsible for offering medical insurance to Missourans in need.
More than 134K UMass Chan Medical Students Suffer from Recent Breach
UMass Chan Medical School is a public medical school located in Worcester, Massachusetts. The school was founded in 1962 and is part of the University of Massachusetts college system.
Two Tesla Employees Expose Confidential Company Data
Tesla, an Austin-Texas-based automaker specializing in electric vehicles, employs more than 127,000 workers worldwide today. The automaker has an annual revenue of 53.8 Billion USD and is a significant company that employees rely on to protect their data.
What is Cross-Site Scripting (XSS)?
Microsoft engineers coined the phrase Cross-Site Scripting in early 2000, and the attacks have grown to nearly 30% of all web application assaults.
What is Bluesnarfing and How to Prevent It?
We hate cables. Because of this, Bluetooth has rapidly become an integral part of daily life. Wireless headphones and smartwatches are prominent examples, but today, even our washing machines and light bulbs can connect to our phones.
Weekly Cybersecurity Recap August 18
Financial institutions and state government agencies were the main targets of hackers this week. Major organizations like Bank of America and Hospitality Staffing Solutions were hit hard resulting in huge data losses for citizens, and the states of Pennsylvania, Vermont, and Tennessee each experienced major data losses in their regulatory bodies or programs.
Tennessee Employees Lose Their Data to Consolidated Retirement System Breach
The Tennessee Consolidated Retirement System is a retirement and benefits program administered to many full-time employees throughout the state.
11K Bank of America Customers Lose Data to Breach
Ernst and Young is one of the leading consulting companies that helps with strategic and transactional taxes. The company offers excellent services to other major companies and handles a large amount of financial and personal data for all the customers impacted by them.
Thousands Impacted By PA Child Care Works Breach
The Pennsylvania Child Care Works program helps low-income families pay for their childcare costs. The program offers a portion of the childcare payment amount, and the families pay the rest.
Vitality MOVEit Data Breach Impacts GuidePoint
The Vitality Group, LLC, a business-to-business vendor that provides employee benefit services to GuidePoint Security, experienced a security vulnerability on May 30, 2023 relating to the third-party file transfer program called MOVEit.
Hospital Staffing Solutions Suffers a Data Breach Exposing Over 100K Individuals
Hospitality Staffing Solutions is a short-term employment provider or temp agency that sends workers to a variety of hospitality-related organizations.
What Is Data Enrichment and How Does It Work?
Manipulating massive amounts of raw data takes on greater significance as targeted technology develops new enrichment capabilities.
What Is Data Migration?
The rapid growth of big data has given rise to a new set of challenges when moving massive amounts of data from one computer system to another.
The Vermont Dept of Financial Regulation Gets Breached, Exposing 42K Residents
The Vermont Department of Financial Regulation is an organization that oversees the financial sector within the state. The department is split into four divisions: Securities, Banking, Captive Insurance, and Insurance.
Prudential Insurance Hit By MOVEit Breach Involving Over 320k Customers
Prudential Insurance Company of America is one of the largest financial services and insurance companies in the United States today.
Weekly Cybersecurity Recap August 11
New companies are hurt by significant data breaches every week, especially in the United States. This week insurance companies were the big target.
Progressive Insurance Hit By a Data Breach Putting 347,100 Customers at Risk
Progressive is a large insurance company based in Mayfield Village, Ohio. The company is known throughout the United States and other parts of the world and is responsible for insuring many US citizens.
Colorado Public School Students at Risk Because of Department of Education Breach
The Colorado Department of Higher Education is the government organization responsible for overseeing public education throughout the state.
Allegheny County PA the Latest MoveIT Data Breach Victims on the List
Allegheny County is the second largest county in Pennsylvania, behind Philadelphia County. It is located in Southwest Pennsylvania and has approximately 1.2 million residents.
What is Cryptography and How Does It Work
The cryptocurrency phenomenon began in 2008 with the introduction of Bitcoin. Along with the young digital currency, other digital technologies were brought to the media forefront.
What is Data Governance?
Decision-makers have always relied on information to make the best choice. However, never in history have they had so much data to draw from.
1.7 Million Oregon Health Users Lose Their Data to a PH Tech Breach
PH Tech is a specialized services company that works with health insurance companies providing some of their business and administrative services.
Fairfax Oral and Maxillofacial Surgery Gets Hacked Losing Data for Over 208k
Fairfax Oral and Maxillofacial Surgery, or Fairfax OMS, is a dental practice that first opened in Burke, Virginia, in 1980. The organization offers a mix of dental surgery services, such as bone grafting, wisdom tooth extraction, dental implants, and more.
Weekly Cybersecurity Recap August 4
Each week we look at the data losses, hacker attacks, and the state of security in the United States and around the world. This week things seem to be particularly bleak.
MSU Students Could Lose Data in MOVEit Data Breaches
Michigan State University is a large school located in East Lansing, Michigan. This public university has more than 49,000 students per semester and is set over a location spread across 5,300 acres.
PokerStars Suffers Serious Data Breach Exposing 110k People
PokerStars is one of the largest online poker rooms in the world and has millions of registered customers that use the platform to play remotely with others from different areas of the world.
Account Takeover (ATO) Fraud: What Is It and How It Happens
The impacts of account takeover fraud are genuine. According to the Javelin 2022 Identity Fraud Study, 22% of U.S. adults have been victims of account takeover attacks.
Corporations are Losing Login Credentials at an Alarming Rate, Says Flare
Major businesses from around the world are losing valuable login credentials at a rapid rate. Huge corporations are going through applications with platforms like Hubspot, Salesforce, AWS, Google Cloud Platform, DocuSign, and so many others, and during the process, they are losing valuable login credentials.
What is Steganography and How Does It Work?
We can all remember the old war stories of secret agents and the unbreakable messages back to headquarters. One of the most popular means of evil messaging secrecy was recording the text backward on a rock and roll record.
What is Data Backup?
For most businesses, data is their most valuable asset. When that data is managed correctly, it keeps an organization running smoothly with the correct information always close at hand.
Government Programs Exposed to Data Loss Because of Maximus Federal Services Breach
Maximus Federal Services is a significant government contractor that helps administrate many different US government programs.
Weekly Cybersecurity Recap July 28
Near the end of July, the MOVEit data breaches that occurred back in May are still doing serious damage and hurting major companies.
450k 1st Source Bank Customers Lost Personal Data in a Breach
1st Source Bank is a major financial institution located in Indiana and Michigan. The bank is headquartered in South Bend, Indiana, but there are 81 branches in the two states.
Businesses Lose Data in Office 365 Targeted Cyber Attacks
Microsoft is a large tech company based in the United States with operations in many other parts of the world. The organization is best known for its computer operating systems and its Microsoft 365 suite of business applications.
The National Student Clearinghouse Gets Hacked, Compromising Thousands of Students
The National Student Clearinghouse is a verification tool used by educational establishments around the country to verify students are who they say they are.
1.2 Million Patients Lose Data to Tampa General Hospital Breach
Tampa General Hospital is a mid-sized medical facility that caters to locals in the Tampa area. The hospital has 1,040 beds available and serves as a research and academic center, along with offering tertiary care to its patients.
What is Pay to Delete Scam?
A lot of scams float around the internet that some people jump at or take a little coaxing to overcome the rejections. A few scams have ready-made targets more than willing to take advantage of the possibilities the scam offers.
What is Server Message Block Protocol?
Server protocols are a set of established rules that specify how to format packets of data to send and receive from endpoint to endpoint.
Over 1 Million Impacted By Milliman Solutions Breach
Milliman Solutions is a risk-assessment company that works with life insurance providers to explain to them the total risks involved with investing in any one individual.
Weekly Cybersecurity Recap July 21
It's been a few months since the MOVEit data breach occurred, and more than 130 companies have been reported as being hit and exposed by the connected attacks.
Hillsborough County, FL is Among MOVEit File Breach Victims: More than 70k Impacted
Hillsborough County is a location in the middle of Florida, with a current population of approximately 1.4 million. The county is tasked with managing and protecting the information of a huge number of people, and it failed to do so recently.
HCA Healthcare Loses Data for Over 11 Million in Recent Breach
HCA Healthcare is one of the largest health systems in the United States today. The company has millions of patients and manages data for countless hospitals, private practices, specialty offices, and more.
Seven Idaho Colleges Suffer Breaches: Students and Staff Impacted
Idaho is home to many popular universities that serve millions of students annually. Seven of the schools in Idaho were recently impacted by a data breach that resulted in a substantial amount of lost information.
What is the NIST Cybersecurity Framework
Created in 1901, the National Institute of Standards and Technology (NIST) was established to remove several challenges to US Industrial competitiveness.
How to buy a house with bad credit.
Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.
How Secure Is Your Password? Tips to Improve Your Password Security
Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.
Top 10 Senior Scams and How to Prevent Them
Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.
What is the Dark Web: Things You Need To Know Before Accessing The Dark Web
The dark web, also known as the "darknet", is a portion of the internet that lies outside the boundaries of traditional search engines.
Secure Wi-Fi and Wireless Technology Security Tips
Your Wi-Fi network is another handy access point that hackers use to infiltrate your computers, steal your identity, and grab your personal details.
Adult Friend Finder Hacked, 412 Million Accounts Exposed
Six databases that were owned by Friend Finder Networks, Inc. suffered a massive data breach in 2016, which cost 412 million users their accounts.
How to Erase Yourself from the Internet
In this highly digital age, it is near impossible to erase all information online about yourself, but you can do a lot to remove online information and minimize your risk of identity theft or worse.
Credit Freeze vs. Lock: What’s the Difference?
With all our technology and connectedness comes a price, vulnerability. Now more than ever before, our credit and identities are at risk from cybercriminals, thieves, and hackers.
Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.
ghost touch or hacked?
It has happened couple of times that I click on the home button, and I find a ghost touch clicking on several apps but not opening them, mainly viber, whataspp, settings, photos. Can I be that someone has remotely cloned my iphone and reading up to date my communications, or that it is some kind of glitch?anyone else have this with an iphone8?
I dont think it has happened since I installed the 12.2. and put a passcode.
iPhone 8, iOS 12
Posted on Apr 17, 2019 11:35 AM
- Hacked or Ghost touch My phone is opening applications and completing actions without being touched. I have reset the phone to factory settings and it is still doing this. How do I fix this? 283 1
- Ghost touch on my iPhone XR I’m currently experiencing this thing called ghost touch on my iPhone XR and I don’t know what to do. For those who don’t know what ghost touch is, it’s when your phone clicks and types random things without you touching it. It also won’t let me touch my top left or right corner and idk why. I’ve updated it, reset it, and restart it. I don’t know anything else to do. can someone help or give me tips? [Re-Titled by Moderator] 310 2
- Ghost touch I’m facing the automatic touch like opening some random apps and all like ghost in my iphonex 425 2
Loading page content
Page content loaded
Apr 17, 2019 11:37 AM in response to Nova2020
Your phone has not been "hacked".
That's symptomatic of a failing touch-screen.
Apr 17, 2019 11:38 AM in response to KiltedTim
Ok, then how come it hasnt happened since? If its symptomatic of a failing touch-screen, I am assuming it would be getting worse.
Apr 17, 2019 11:49 AM in response to Nova2020
Not necessarily, it may stay at that level for some time. If you have jailbroken your iPhone it is possible it was hacked. Have you done that?
Apr 17, 2019 11:54 AM in response to deggie
No I havent, however once I did a hard reset the problem went away. Are you saying that its not possible for someone to hack an iphone and click on different apps without opening them?
Apr 17, 2019 11:57 AM in response to Nova2020
I'm saying it is not possible if you are up to date with your iOS version and you have not jailbroken your iPhone. So are you saying since you did the forced restart the problem has not returned?
- Executive Team
- Cyber-Security And Compliance
- VoIP Phones
- Access Control And Camera Systems
- Co-Managed IT
- Our Clients
- Cyber-Security For Small to Midsize Businesses
- ThreatLocker Cybersecurity Webinar
- Support Center
- (877) 358-9388
-or- call the location near you
- Alpharetta – (404) 424-8585 1720 Windward Concourse, Suite 300, Alpharetta, GA 30005
- Marietta – (404) 424-8585 757 Franklin Rd, Marietta, GA 30067
- Milledgeville – (478) 387-0157 286 Jones Dr, Milledgeville, GA 31061
- Vidalia – (912) 325-3120 308 Maple Dr, Vidalia, GA 30474
- Athens – (706) 389-1890 675 Pulaski St, Unit #900, Athens, GA 30601
- Metter - (912) 685-8324 30 S Rountree St, Metter, GA 30439
- Raleigh – (919) 832-5553 3141 John Humphries Wynd, Ste 136, Raleigh, NC 27612
- Roanoke – (540) 265-1200 6711 Peters Creek Rd, Suite 204, Roanoke, VA 24019
- Clearwater – (727) 489-9820 2963 Gulf to Bay Boulevard, Suite 323, Clearwater, FL 33759
- Tampa – (813) 444-4640 5005 W Laurel St, Suite 112, Tampa, FL 33607
to talk to an expert today!
Researcher from Zhejiang University in China and the Technical University of Darmstadt in Germany have recreated hacking techniques known as Ghost Touch, which enables the hacker to control a touch screen without actually touching it. One experiment involves the use of charging cables, others with electromagnetic field interference. All with the goal of utilizing the touch screen from a distance.
In the case of electromagnetic signals, a device might be planted underneath a tabletop to target phones being placed on the surface.
“As many as nine different smartphone models have been found vulnerable to GhostTouch, including Galaxy A10s, Huawei P30 Lite, Honor View 10, Galaxy S20 FE 5G, Nexus 5X, Redmi Note 9S, Nokia 7.2, Redmi 8, and an iPhone SE (2020), the latter of which was used to establish a malicious Bluetooth connection.” (The Hacker News).
There may be ways to prevent vulnerability to real life scenarios.
“To counteract the threat, the researchers recommend adding electromagnetic shielding to block EMI, improving the detection algorithm of the touchscreen, and prompting users to enter the phone's PIN or verify their faces or fingerprints prior to executing high-risk actions.” (The Hacker News).
Attacks through charging cables are known as WIGHT: Wired Ghost Touch.
“In a newly published paper titled ' WIGHT: Wired Ghost Touch Attack on Capacitive Touchscreens ' the researchers say they had success when tested on a Samsung Galaxy S20 FE and Apple iPhone SE (2020) as well as devices from Huawei, LG, and Xiaomi.” (Forbes).
WIGHT has three main attack modes. “An injection attack that creates a ghost touch without a user physically touching the screen at all, an alteration attack that can change the actual position of a physical touch to another determined by the hacker, and a denial-of-service attack that totally prevents the targeted smartphone from being able to detect any legitimate, physical, touch.” (Forbes).
The use of USB data blockers is still recommended.
Have any questions about cyber-security? Responsive Technology Partners is the leading cyber-security expert in the Athens, Metter, Milledgeville, Vidalia, and Atlanta, Georgia areas. We also have locations in Tampa, Florida, Roanoke, Virginia, and Raleigh South Carolina. Service offerings include I.T. support, cyber-security and compliance, telephony, cloud services, cabling, access control, and camera systems. Our company’s mission is to provide world-class customer service through industry leading I.T. solutions that make every customer feel as if they are our only customer. Please visit our website to learn more: https://www.responsivetechnologypartners.com/ .
The Hacker News. https://thehackernews.com/2022/05/attackers-can-use-electromagnetic.html?_m=3n%2e009a%2e2748%2egn0ao443h6%2e1r73
How cybercriminals are exploiting the silicon valley bank shutdown, large scale okta phishing campaign targets many organizations, the best way to keep your company secured today..., several new issues being seen with apple’s latest ios, strengthening your business’s security: best practices for password protection, eliminate all it worries today.
Do you feel unsafe with your current security system? Are you spending way too much money on business technology? Set up a free 10-minute call today to discuss solutions for your business.
Schedule Your Call Today!
Booking.com Multistep Phishing Campaign
October 14th, 2023
The Benefits of IaaS for Business
October 13th, 2023
Facebook LinkedIn Instagram