When it comes to securing your Wi-Fi network, we always recommend WPA2-PSK encryption. It’s the only really effective way to restrict access to your home Wi-Fi network. But WPA2 encryption can be cracked, too — here’s how.
As usual, this isn’t a guide to cracking someone’s WPA2 encryption. It’s an explanation of how your encryption could be cracked and what you can do to better protect yourself.
Microsoft today deviated from its regular pattern of releasing security updates on the second Tuesday of each month, pushing out an emergency patch to plug a security hole in all supported versions of Windows. The company urged Windows users to install the update as quickly as possible, noting that miscreants already are exploiting the weaknesses to launch targeted attacks.
It’s easy to setup and use; as of August 2014 there had been over 10 million user installs that resulted in 80 petabytes of data transferred. In fact, many folks are using network-attached storage (NAS) systems and BitTorrent Sync “to create a secure, easy-to-manage private cloud that is free of subscription fees.”
The US State Department's unclassified e-mail systems were the victim of a cyberattack in recent weeks, around the same time as White House systems were breached, a senior US official said.
The official, who spoke on condition of anonymity, said no classified systems were compromised. Portions of State's unclassified systems have been shut down to improve security but should be back online shortly.
Researchers at Trend Micro are warning that a new version of the Bashlite malware is using the ShellShock vulnerability (CVE-2014-6271) to gain control of devices using BusyBox.
BusyBox is built on top of the Linux kernel and is used by devices such as routers. According to Trend Micro, recent samples of Bashlite (ELF_BASHLITE.SMB) scan networks for devices and machines running on BusyBox, logs in using a set of usernames and passwords, and then runs a command to download and run bin.sh and bin2.sh scripts to gain control over the BusyBox system.
BlackBerry has unveiled its new mobile-device management and security platform and struck wide-ranging partnerships to bolster its capabilities, sending its shares more than 6 per cent higher.
BlackBerry said it would team up with Samsung to provide a "highly secure mobility solution" for Samsung's Android phones. The system couples the Canadian company's device management capability with the KNOX software embedded on Samsung's Galaxy phones and tablets, and will be available in early 2015, the companies said.
HP held its annual Mobile Pwn2Own competition in Tokyo, Japan from 11-12 November. The purpose of this event was for security researchers, developers and hackers to exploit various phones through some previously unknown bug and then report it to the respective handset maker so the vulnerability could be patched and fixed.
The newspaper Süddeutsche Zeitung reports that the German spy agency BND will spend €28 million on what it calls its 'Strategic Technical Initiative' (SIT) next year, and that it has asked the German government for a further €300 million (original in German). The German edition of the English-language site "The Local" explains how the money will be used:
The aim of the programme is to penetrate foreign social networks and create an early warning system for cyber attacks.
Chinese hackers have attacked the US weather satellite network, causing services to be sealed off for a period.
The US regularly accuses China of state sponsored assaults on its businesses, industries and utilities.
The US is currently talking of a cooling in trade hostilities that would ensure the smooth passage of technology sales, but the cyber attack allegations still keep coming. The Washington Post reported that the weather satellite attacks happened in September, but were not revealed until late October.
A researcher with IBM said that a dangerous bug that existed in every version of Windows from Windows 95 onwards has finally been fixed.
Robert Freeman, manager of IBM X-Force, said that it told Microsoft about the bug in May this year and at last Microsoft is fixing it.
