Critical WiFi vulnerability Frag attacks to impact millions of devices
By MYBRANDBOOK
Belgian security researcher specializing in Wi-Fi bugs has unearthed a clutch of new ones, which he called FragAttacks, that affect the Wi-Fi standard itself. The name is short for “fragmentation and aggregation attacks.”
Mathy Vanhoef, the Belgian security researcher who discovered the FragAttacks, said in a post that three of the vulnerabilities are design flaws in the Wi-Fi standard and therefore “affect most devices.” Several other vulnerabilities are caused by “widespread programming mistakes,” he said, with experiments indicating that “every Wi-Fi product is affected by at least one vulnerability,” with most affected by several.
Vanhoef knows his Wi-Fi protocols and how to shred them: He previously discovered the KRACK attack, a devastating weakness in the WPA2 protocol that allows attackers to decrypt encrypted traffic, steal data and inject malicious code, depending on the network configuration. He also found the RC4 NOMORE attack, which helped drive nails into the coffin of the RC4 encryption algorithm, as well as the Dragonblood attack against WPA3 Wi-Fi networks that would allow attackers to steal passwords.
Using a VPN can prevent attacks where an adversary is trying to exfiltrate data, but it won’t prevent an attacker from bypassing your router’s NAT/firewall to directly attack devices.
Vanhoef passed along these general security best practices:
· Update your devices, including IoT/smart devices, which don’t all receive regular updates
· Don’t reuse your passwords
· Back up important data
· Keep off of dicey websites
· Double-check that websites you visit use HTTPS, or better yet, install the HTTPS Everywhere plugin, which forces HTTPS usages on websites that are known to support it
· Manually configure your DNS server to prevent poisoning.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
BEETEL TELETECH LTD.
BPE INDIA PVT. LTD.
INFOSYS TECHNOLOGIES PVT. LTD.
FIRE BOLTT
Icons Of India : PRATIVA MOHAPATRA
Prativa is a transformational leader with an incredible breadth of exp...
Icons Of India : Debjani Ghosh
Debjani Ghosh is the President of the National Association of Software...
ICONS OF INDIA : RITESH AGARWAL
Ritesh Agarwal is an Indian billionaire entrepreneur and the founder a...
IOCL - Indian Oil Corporation Ltd.
IOCL is India’s largest oil refining and marketing company ...
NSE - National Stock Exchange
NSE is the leading stock exchange in India....
UIDAI - Unique Identification Authority of India
UIDAI and the Aadhaar system represent a significant milestone in Indi...
Indian Tech Talent Excelling The Tech World - NEAL MOHAN, CEO - Youtube
Neal Mohan, the CEO of YouTube, has a bold vision for the platform’s...
Indian Tech Talent Excelling The Tech World - AJAY BANGA, President - World Bank
Ajay Banga is an Indian-born American business executive who currently...
Indian Tech Talent Excelling The Tech World - ARVIND KRISHNA, CEO – IBM
Arvind Krishna, an Indian-American business executive, serves as the C...