Every WiFi connection at risk of new “KRACK” WiFi hacking attack

The first new WiFi security vulnerability to be found in 14 years is real a doozey!  

 

The WPA2 encryption protocol which is widely used to secure WiFi traffic is at risk from multiple vulnerabilities, collectively known as “KRACK Attacks”, or Key Reinstallation AttACKs, that were publicly disclosed on October 16, 2017. Every single WiFi connection currently in use is potentially at risk of being hacked security researchers disclosed in a recently released research paper.  These vulnerabilities effect both WiFi Access Points or Routers as well as WiFi enabled devices such as Phones, Laptops, Cameras and any devices connected to and communicating over a WiFi network.

The attacks, which cannot be carried out remotely, allow a malicious individual to replace, or reinstall, one of the security keys used to encrypt the communications on a WiFi network with a key of the attacker’s choosing.  This allows an attacker to gain access to otherwise encrypted data.  This could allow them to view your passwords, credit card numbers, photos and snoop on all traffic sent over the WiFi network.  If your home or business uses a single network for Wired and Wireless communication, as most off-the-shelf routers do, this could even include communications to wired devices as well.  While the attack is not technically easy to complete for all devices, tools are likely to be made available shortly that will allow less technically savvy people to carry out the attack.

As of this time, the only way to fix this flaw would be to manually replace or patch every WiFi device in existence currently, no small feat.  Given that the publication of these vulnerabilities has been withheld, a fix is likely already in the works — or already completed — from major device vendors, but this will only affect those devices that are currently receiving software updates.  Older, abandoned devices, will likely remain vulnerable to these attacks.

Full details on the attacks with P.O.C. demonstrations and further news are available on the following website:

 

KRACK Attacks: Breaking WPA2

Dozens of online file converter websites may have been compromised

 

Recently, a security researcher made an alarming discovery when it was found that a server hosting several popular file conversion web sites had been hacked.  The researcher, who asked not to be named for fear of legal repercussions, recently told ZDNet that the attacker behind the hack had obtained “full root access” to the server and it’s contents.

The researcher claimed the level of access would allow an attacker to quietly copy any file uploaded to the sites, but said it was “impossible to tell” what the root shells were being used for, or if they were even in active use.

The Paris-based server hosted sites including combinepdf.com, imagetopdf.com, jpg2pdf.com and many others.  These sites allow users to convert files and documents to other formats.  While they are hardly the most popular sites in the world, it is estimated that thousands of people use the sites every day, based on various traffic metrics and statistics sites.

The server was found by the researcher to be vulnerable to a year-old set of bugs found in the ImageMagick library, a commonly used tool to convert images. The bugs, known collectively as “ImageTragick,” are extremely easy to exploit — in one case, as simple as uploading an image file containing four lines of code to the server. The bug is so serious that Facebook paid a record bug bounty to a researcher who found that the social network was vulnerable, and Yahoo stopped using the software altogether. Countless servers and websites remain unpatched to this day.

As soon as an exploit file is uploaded to a vulnerable server, the code runs.  This opens a bind shell on the server which listens for commands or code from the attacker.  According to the researcher, there were 3 other bind shells open on this server.  Exactly who was using them or what they were doing remains unknown.

“The impact of this incident is concerning to me,” said the security researcher. “All data going in or out of the server was being tampered with for months on end without the server owner noticing it.”

The full list of affected domains includes:

booktitlegenerator.com
combinepdf.com
compressjpeg.com
compresspng.com
coollastnames.com
croppdf.com
cutecatnames.com
cutedognames.com
djvu2pdf.com
dragonnamegenerator.com
ebook2pdf.com
epub2kindle.com
exceltopdf.com
horsenamegenerator.com
html2pdf.com
htmlformatter.com
imagetopdf.com
jpg2pdf.com
jpg2png.com
mobi2epub.com
odt2pdf.com
optimizilla.com
palettegenerator.com
pdf2kindle.com
pdf2mobi.com
pdf2png.com
pdfcompressor.com
pdfepub.com
pdfjoiner.com
pdfmobi.com
pdftoimage.com
pdftotext.com
png2jpg.com
png2pdf.com
pngjpg.com
psd2pdf.com
pubtopdf.com
ringer.org
ringtonecutter.com
ringtonemaker.com
rtftopdf.com
shrinkpdf.com
summarygenerator.com
svgtopng.com
toepub.com
topdf.com
unminify.com
wordtojpeg.com

Read the full article below:

The Man Who Wrote Those Password Rules Has a New Tip: N3v$r M1^d!

Bill Burr’s 2003 report recommended using numbers, obscure characters and capital letters and updating regularly—he regrets the error

The man who wrote the book on password management has a confession to make: He blew it.

Back in 2003, as a midlevel manager at the National Institute of Standards and Technology, Bill Burr was the author of “NIST Special Publication 800-63. Appendix A.” The 8-page primer advised people to protect their accounts by inventing awkward new words rife with obscure characters, capital letters and numbers—and to change them regularly.

The document became a sort of Hammurabi Code of passwords, the go-to guide for federal agencies, universities and large companies looking for a set of password-setting rules to follow.

The problem is the advice ended up largely incorrect, Mr. Burr says. Change your password every 90 days? Most people make minor changes that are easy to guess, he laments. Changing Pa55word!1 to Pa55word!2 doesn’t keep the hackers at bay.

Read More

Massive Code Breach Worries Security Researchers.

A massive trove of Microsoft’s internal Windows operating system builds and chunks of its core source code have leaked online.

The leaked code is Microsoft’s Shared Source Kit: according to people who have seen its contents, it includes the source to the base Windows 10 hardware drivers plus Redmond’s PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code.

Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels.

Netizens with access to Beta Archive’s private repo of material can, even now, still get hold of the divulged data completely for free. It is being described by some as a bigger leak than the Windows 2000 source code blab in 2004.

Spokespeople for Microsoft were not available for comment.

Read more below:

 

Now Offering Remote Android Support

Remote support has long been a staple of the IT world.  Having the ability to remotely connect to a client’s computer and help them fix their issues has become a standard offering in most IT shops.

Power On Computing is pleased to now offer this functionality for our Android device users as well.  Simply download the Inkwire application from the play store, generate an access code to share your screen and we will remotely connect to your device to fix your issues.

Inkwire is available on the Google Play Store for free – https://play.google.com/store/apps/details?id=com.koushikdutta.inkwire&hl=en

Inkwire Screen Share + Assist – Android Apps on Google Play

Scammers can trick Microsoft Edge into displaying fake security warnings

Hopefully, by now, many readers will be aware of the scam messages that can pop up on your computer screen telling you that your computer may be at risk, and to call a special number for “technical support”.

Of course, the scam warnings are not legitimate and the person you are calling is not a real Microsoft support engineer. And yet, many computer users have been fooled into making contact, and ended up either with an expensive and unnecessary bill or granting hackers access to their PC.

The scams are more successful for the fraudsters the more convincing that their warning appears.

Now a security researcher has discovered a way that scammers can subvert a mechanism in the Microsoft Edge browser that was built with the intention of protecting users from dangerous websites – to actually help a scam be committed. . .

 

Continued below

SUPPORT THE RIGHT TO REPAIR!

FriendS,

I wrote a letter for the campaign “Support the Fair Repair Bill in Nebraska”.

As consumers, we have the right to the following from the companies that we support: Information: The documentation, software, and legal ability we need to repair our own products — or choose someone we trust to do it for us. Parts + Tools: Fair access to service parts and tools, including diagnostics. Unencumbered Resale: We should be able resell our products (including the software needed to operate them). Write a letter to your Senator in the Nebraska unicameral now and tell them why this is important to you.

Can you join me and write a letter? Click here: http://nebraska.repair.org/?source=email&

Thanks!