How can an organization protect its employees and customers from Wi-Fi attacks such as Karma or man-in-the-middle (MiTM)? The convenience of public Wi-Fi drives people to connect to it in droves, but hackers can take advantage of the lax security practices of most public hotspots to steal people’s information. How can we stop these attacks before they happen? In a … [Read more...]
BB-8 Hacked – Daily Security Byte EP. 204
Today's video covers an Internet of Things (IoT) hack for Star Wars geeks (like me). It's not really dangerous, and probably won't get exploited in the next "cyber war," but its interesting nonetheless. Watch below to learn more. (Episode Runtime: 2:42) Direct YouTube Link: https://www.youtube.com/watch?v=3YREQah6PXQ EPISODE REFERENCES: Researchers blog post on small … [Read more...]
WatchGuard Breaks Logjam and Protects Encrypted Connections
This week, a group of university researchers disclosed a new vulnerability affecting the Diffie-Hellman key exchange. The Diffie-Hellman (DH) key exchange is a cryptographic method for two systems to establish a shared secret over a public communication channel, which they later use to encrypt their communications. Many encryption protocols, including HTTPS, SMTPS, IPSec VPN, … [Read more...]
China’s Great Cannon – Daily Security Byte EP.65
Two weeks ago experts blamed China for a DDoS attack against Github. This week, researchers describe the Great Cannon tool that China allegedly uses for these sorts of attacks. Press play to learn more, and to hear how I think we should combat this threat. (Episode Runtime: 2:30) Direct YouTube Link: https://www.youtube.com/watch?v=stx9IRTcUBo EPISODE REFERENCES: Citizen … [Read more...]
Google vs. CNNIC – Daily Security Byte EP.58
Google has discovered unauthorized digital certificates being used in a SSL man-in-the-middle attacks in Egypt. They tracked the certs to CNNIC and decided to remove the popular Chinese certificate authority from Chrome's trust chain. Watch the video for more details. (Episode Runtime: 2:37) Direct YouTube Link: https://www.youtube.com/watch?v=hKUs-kLKa50 EPISODE … [Read more...]