Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Fujitsu wireless keyboard model vulnerable to keystroke injection attacks

Fujitsu-keyboard
Image: SySS GmbH

Fujitsu LX wireless keyboards are susceptible to keystroke injections, SySS GmbH, a German pen-testing firm revealed today.

The attacks allow a threat actor to beam wireless radio signals to the keyboard's receiver (USB dongle) and inject rogue keyboard presses on a user's computer.

Fujitsu was notified of the vulnerability but has not released any firmware patches.

Bug caused by developer blunder

In a report published today, SySS GmbH security researcher Matthias Deeg said the vulnerability is not caused by the keyboard and its USB receiver using weak cryptography. In fact, the two components work via a properly secured communications channel.

Instead, the flaw resides with the USB receiver alone, which besides accepting the keyboard's encrypted communications also accepts unencrypted data packets that use the format described in a demo design kit that Fujitsu devs appear to have left behind on the USB dongle.

Furthermore, Deeg says that if this keystroke...(continued)

View All Trending Stories