Every WiFi connection at risk of new “KRACK” WiFi hacking attack

The first new WiFi security vulnerability to be found in 14 years is a real doozy!

 

The WPA2 encryption protocol, which is widely used to secure WiFi traffic, is at risk from multiple vulnerabilities, collectively known as “KRACK Attacks”, or Key Reinstallation AttACKs, that were publicly disclosed on October 16, 2017. Every single WiFi connection currently in use is potentially at risk of being hacked, security researchers disclosed in a recently released research paper. These vulnerabilities affect WiFi access points and routers as well as WiFi-enabled devices such as phones, laptops, cameras and any other devices connected to and communicating over a WiFi network.

The attacks, which cannot be carried out remotely, allow a malicious individual to replace, or reinstall, one of the security keys used to encrypt the communications on a WiFi network with a key of the attacker’s choosing.  This allows an attacker to gain access to otherwise encrypted data.  This could allow them to view your passwords, credit card numbers, photos and snoop on all traffic sent over the WiFi network.  If your home or business uses a single network for Wired and Wireless communication, as most off-the-shelf routers do, this could even include communications to wired devices as well.  While the attack is not technically easy to complete for all devices, tools are likely to be made available shortly that will allow less technically savvy people to carry out the attack.

As of this time, the only way to fix this flaw would be to manually replace or patch every WiFi device currently in existence, no small feat.  Given that the publication of these vulnerabilities has been withheld, a fix is likely already in the works — or already completed — from major device vendors, but this will only affect those devices that are currently receiving software updates.  Older, abandoned devices will likely remain vulnerable to these attacks.

Full details on the attacks with P.O.C. demonstrations and further news are available on the following website:

 

KRACK Attacks: Breaking WPA2

Massive Code Breach Worries Security Researchers.

A massive trove of Microsoft’s internal Windows operating system builds and chunks of its core source code have leaked online.

The leaked code is Microsoft’s Shared Source Kit: according to people who have seen its contents, it includes the source to the base Windows 10 hardware drivers plus Redmond’s PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code.

Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels.

Netizens with access to Beta Archive’s private repo of material can, even now, still get hold of the divulged data completely for free. It is being described by some as a bigger leak than the Windows 2000 source code blab in 2004.

Spokespeople for Microsoft were not available for comment.


New malware tactics on the rise

Beware of new malware, first seen in Germany, that targets the MBR (Master Boot Record) of your computer's hard drive, rendering it completely unusable and files difficult to recover.

Unlike “traditional” ransomware, this new method targets specific portions of your hard drive and in doing so it operates extremely quickly compared to encrypting each file.

Users report that infection happens when they download the target payload from a shared file service such as Dropbox or from a link submitted through email posing as a job application.  Once infected, the PC’s MBR is overwritten and the PC is rebooted.  Users report seeing a fake “Check Disk” prompt after reboot, during which the malware encrypts the MFT file (Master File Table), removing all physical links to every file on the hard drive.

After encrypting the MFT, the malware displays the ransom message followed by an ASCII image of a skull and crossbones.
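
Because the malware described above overwrites the MBR before it reboots the PC, a defender can detect the change by comparing the boot sector against a known-good baseline. The following is an added example, not code from the article or from any vendor; the function names and the sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE, BOOT_CODE_LEN, ENTRY_LEN = 512, 446, 16
ENTRY_FMT = "<B3xB3xII"  # status, CHS start (skipped), type, CHS end (skipped), LBA, count

def parse_mbr(sector: bytes) -> dict:
    """Split a classic 512-byte MBR into boot-code hash, partitions, signature flag."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR sector is exactly 512 bytes")
    partitions = []
    for i in range(4):
        status, ptype, lba, count = struct.unpack_from(
            ENTRY_FMT, sector, BOOT_CODE_LEN + i * ENTRY_LEN)
        if ptype:  # type 0x00 marks an unused slot
            partitions.append({"bootable": status == 0x80, "type": ptype,
                               "lba": lba, "sectors": count})
    return {
        # Bytes 0..445: bootstrap code (plus the disk signature on modern MBRs).
        "code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
        "signature_ok": sector[510:512] == b"\x55\xaa",
    }

def compare_to_baseline(baseline: dict, current: dict) -> list:
    """Return human-readable findings; an empty list means the MBR matches."""
    findings = []
    if not current["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if current["code_sha256"] != baseline["code_sha256"]:
        findings.append("bootstrap code changed")
    if current["partitions"] != baseline["partitions"]:
        findings.append("partition table changed")
    return findings

def build_sample(code: bytes, entries: list) -> bytes:
    """Build a constructed sector for the demo (not taken from a real disk)."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(code)] = code
    for i, entry in enumerate(entries):
        struct.pack_into(ENTRY_FMT, sector, BOOT_CODE_LEN + i * ENTRY_LEN, *entry)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

# Constructed samples: same partition table, different bootstrap code.
CLEAN = build_sample(b"constructed-original-loader", [(0x80, 0x07, 2048, 1_000_000)])
TAMPERED = build_sample(b"constructed-replacement-code", [(0x80, 0x07, 2048, 1_000_000)])
print(compare_to_baseline(parse_mbr(CLEAN), parse_mbr(TAMPERED)))
```

On a real machine the 512 bytes would be read from the raw disk device with administrator rights (for example `/dev/sda` on Linux, an assumption about the target system), and the baseline stored off the host.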