MIT researchers have devised a protocol to flummox man-in-the-middle attacks against wireless networks. The all-software solution lets wireless radios automatically pair without the use of passwords and without relying on out-of-band techniques such as infrared or video channels. Dubbed Tamper-evident pairing, or TEP, the technique is...
A bold new type of malware has been identified. Its attack vector is based on hijacking the DNS settings for devices on a local area network. Any device regardless of operating system that depends on an internal or external name server can be affected. The trojan...
Technical problems with the license management servers at SonicWall Inc. created havoc last week for users of the company's firewall and e-mail security products, leaving many companies temporarily unprotected against spam, phishing and malware threats. The problems resulted in affected enterprise users of the SonicWALL UTM...
Triggerfish, also known as cell-site simulators or digital analyzers, are nothing new: the technology was used in the 1990s to hunt down renowned hacker Kevin Mitnick. By posing as a cell tower, triggerfish trick nearby cell phones into transmitting their serial numbers, phone numbers, and...
Early coverage of the Wi-Fi WPA TKIP Key crack indicated that TKIP keys were broken, but ars technica clears up the details of the attack: They are not. "We only have a single keystream; we do not recover the keys used for encryption in generating the...
Via Slashdot: Researchers Erik Tews and Martin Beck 'have just opened the box on a whole new hacker playground, says Dragos Ruiu, organizer of the PacSec conference. At the conference, Tews will show how he was able to partially crack WPA encryption in order to read...
A national cyber-security strategy that will seek to protect key infrastructure as well as Canadians' identities is on the way , an RCMP executive says. Details of the strategy — a partnership between the public and private sectors — will emerge over the next few months,...
Via Wired: Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency. The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let...
Google announced today that it is seeking to develop grass roots support for its "white spaces" campaign at the FCC, its lobbying effort to convert some radio airwaves in order to provide wireless broadband access. The "Free the Airwaves" campaign invites consumers to sign a petition,...
A new driver by Atheros has been released for use in Linux. It is licensed under the ISC license, so BSD users should be able to make use of the drivers as well. The new driver doesn't use a proprietary hardware abstraction layer and no firmware...