If you use a Netgear router, you'll want to disable remote administration. In today's video, I talk about two zero day vulnerabilities the Shellshock Labs found in a line of popular Netgear broadband routers. In a nutshell, if an attacker can access the administrative web page, she can gain complete control of your router. Press play to learn more about these flaws, and what … [Read more...]
The Hazards of Using Public WiFi Access Points
Editor's note: I'm excited to share a cool new security site with you. Pulitzer prize winning journalist, Byron Acohido, has launched a fresh site dedicated to keeping consumers and businesses informed about emerging information security (infosec) and privacy issues. I first met Byron while he was doing a USA Today story on Java's security risk, and I'm excited to see him … [Read more...]
DarkHotel & iOS Masque – WSWiR Episode 129
MS Patch Day, DarkHotel, and iOS Masque Too much Information Security (InfoSec) news, too little time? I sometimes feel the same way. If you don't have time to keep up yourself, why not watch our weekly InfoSec video to catch the highlights. This week, I share the highlights from Microsoft Patch Day, talk about a targeted attack preying on executives in hotels, and warn of a … [Read more...]
Wi-Fi Protected Setup (WPS) Undermines Wireless Security
Over the years, we've had to deal with vulnerabilities and weaknesses in wireless security protocols, such as the deprecation of the WEP protocol due to design flaws. Now, a standard that was designed to make wireless security easier, actually makes it less secure. For those of you who haven't heard of Wi-Fi Protected Setup (WPS) — which frankly included me until recently … [Read more...]