Category: Uncategorized

The Persistent Myth of the Air Gap The “air gap” has long been considered an effective solution to protect sensitive environments. By physically separating critical systems from corporate and public networks, operators believed they had closed off the most dangerous attack vectors. This confidence, however, rests on an outdated assumption: that attackers only operate through wired networks or internet connections. Modern adversaries no longer need to penetrate traditional networks to reach their targets. With the widespread use of wireless technologies…

By Luke Whiting — 18 July 2025 A security flaw disclosed last month in Air Keyboard, an iOS app that turns iPhones into wireless keyboards & mice for computers, remains unresolved on Apple’s App Store. The vulnerability allows anyone connected to the same Wi-Fi network to inject keystrokes onto a victim’s device without a password prompt, according to a technical advisory published on 13 June by the vulnerability archive CXSecurity. The persistence of the vulnerability was confirmed this week by the mobile security…

Introduction AI data centers are becoming the backbone of modern innovation, powering everything from generative AI applications to high-performance analytics and data processing. These facilities process massive volumes of sensitive data and operate with strict requirements for uptime and security. Historically, operators relied on physical barriers, wired firewalls, and endpoint controls to protect infrastructure. But in an AI-driven environment, the traditional perimeter is no longer enough. Wireless devices, from IoT sensors to unauthorized hotspots, create an invisible layer of risk…

When responders opened an innocuous cabinet at a regional branch of an international bank this spring, they found a Raspberry Pi single‑board computer that should never have been there. LightBasin operators had slipped the board into place, paired it with a 4G USB modem, and plugged its USB‑C power lead into the nearest outlet. The improvised kit offered a clean cellular path straight into the bank’s internal network, quietly sidestepping every perimeter firewall and NAC control the institution relied on…

August 20, 2025 — San Diego The U.S. Attorney’s Office (S.D. Cal.) announced today that Jinchao “Patrick” Wei, 25, an active‑duty U.S. Navy sailor assigned to the USS Essex, was convicted by a federal jury on six counts, including conspiracy to commit espionage, espionage, and multiple Arms Export Control Act/ITAR violations for exporting defense technical data.  According to trial evidence, Wei sold thousands of pages of technical and operational information, photographs, videos, and ship location data to a PRC intelligence…

This year has had its share of noteworthy stories touching upon wireless threats. Below is the top 10 most interesting stories for the first half of 2025, along with any relevant updates. 1:  Chinese park‑bench bugs and mobile spying on UK officials UK Security sources reported Chinese intelligence operatives have been planting covert listening devices in and around Westminster. UK sources previously reported that military doctors received warnings of adversaries targeting their phones to extract information on medical personnel. Officials…

The Growing Wireless Attack Surface Corporate environments now host thousands of unmanaged wireless devices, ranging from tablets, wireless headphones, Bluetooth-enabled coffee mugs, and wireless peripherals to employee phones and smart building controls, each of which is a potential threat vector. Unmanaged radios now outnumber managed assets in many enterprises. Meanwhile, as wireless communications technologies evolve, so do the vulnerabilities they contain. In 2024 alone, researchers identified more than 700 new wireless vulnerabilities, representing a 25% increase in new wireless CVEs…

Industrial environments and critical infrastructure operators are increasingly dependent on Operational Technology (OT) networks, including Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) systems, and Internet of Things (IoT) devices. These systems form the backbone of essential services, such as energy, water, transportation, emergency warning systems, and manufacturing. Although OT networks have traditionally focused on safety, reliability, and availability, many of these environments were not originally architected to withstand modern cyber threats. Wireless connectivity has become a cornerstone…

A fast-moving Android remote-access Trojan known as PlayPraetor has breached more than 11,000 smartphones in under three months, giving financially motivated criminals real-time control of victims’ devices and a direct path into nearly 200 mobile-banking and cryptocurrency apps. Researchers at Cleafy, who traced the infrastructure behind the attack, say the campaign is no ordinary operation. PlayPraetor relies on a Chinese-language command-and-control (C2) panel with multi-tenant support that lets dozens of affiliates rent malware, spin up convincing Google Play look-alike pages,…

San Francisco, CA — A federal grand jury has unsealed a three‑count indictment charging two men with acting as unregistered agents of the People’s Republic of China (PRC), conspiring to recruit U.S. Navy personnel while funneling cash payments through clandestine communication systems and ordinary mobile phones. Yuance Chen, 38, a legal permanent resident living in Happy Valley, Oregon, and Liren “Ryan” Lai, 39, who arrived in Houston from China in April on a tourist visa, are accused of working under the direction…