Showing posts with label DOS. Show all posts
Tuesday, September 1, 2009
Thursday, August 27, 2009
Why Are Botnets So Important?
The Botnet and What It Is And Does
What used to be a meaningful piece of software allowing the legitimate sharing of program processing amongst a network of business PCs has now been turned into one of the most exploited and maliciously used pieces of software in the history of the internet.
The Botnet is now being used easily and maliciously for many things, including the creation or misuse of SMTP mail relays for spamming (a SPAMbot), spamdexing (the practice of dishonestly manipulating search engines), click fraud, and theft of sensitive information like application serial IDs, login IDs and passwords, and financial information like credit card numbers. But the most recent and problematic attacks have been the Denial of Service attacks on Twitter, Google, Facebook and Live Journal, just to name a few. They have been said to be "Massive and sustained (DDOS) attacks...and they are not finished yet!" stated a security expert from Symantec's Security Technology Response Group.
The Twitter attacks were one of the easiest to implement.
A trojan horse called Downloader.Sninfs was using Twitter's @update account to deliver commands to infected PCs. It posted links for web updates just like any account holder would. Then the unsuspecting users clicked on the links and received and spread the commands. After enough people did this, it created the DDOS attack with which we are all familiar. The account on Twitter has since been disabled and is under investigation.
The botnet works by installing malicious software through what is known as "drive-by downloads". These are downloads which the user has authorized without fully understanding the consequences, or in which the user unknowingly downloads a virus that is tacked on to an ActiveX control. The botnet's originator, or "Bot Herder", can then remotely compromise your PC and the network it is on, rendering it a zombie.
The scariest thing about a botnet is that you most likely won't even know that you are infected unless you know what you are looking for! This is because most PCs involved in a botnet work normally. The bots hide their code within legitimate applications and email, and you are spreading them unknowingly but willingly. So what are you supposed to do about it? Tune in next time for solutions and tips and tricks for sniffing out a botnet and removing it from your machine...
Isn't it time to take back your PC?
Tuesday, August 25, 2009
WINS Security Vulnerability
WHAT IS WINS?
The Windows Internet Name Service, or WINS, is Microsoft's answer to the question that no one ever asked. No really, WINS is the core service which translates the names of computers into their numeric IP addresses. This is a necessary service for one computer to be able to talk to another.
WHAT IS THE WINS VULNERABILITY?
The vulnerability found within the WINS service has been classified as critical, and can "...allow remote code execution if a user has received a specially crafted WINS replication packet on an affected system running the WINS service...", states a representative from Microsoft. The replication packet allows the attackers to write to arbitrary memory locations and execute arbitrary code via a modified pointer within the packet sent to TCP port 42. This attack has been found to be coming from China, and is targeting no less than 70,000 IP addresses daily.
WHAT THIS MEANS TO YOU, THE SMALL BUSINESS OWNER?
What this means is that if you or a member of your team has manually installed this particular WINS component, you WILL be affected. A representative of Shavlik Technologies says that this "...is an unauthenticated server-side attack. The bad guy simply points and shoots some packets at the WINS server and they can execute code of their choice on that server." This could mean that anyone can gain access to all of your sensitive information remotely.
And you would never know!
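To check whether a server is exposed in the way described above, this added example (not part of the original post) parses saved `netstat -ano` output for listeners on TCP port 42 and for connected peers that are not known replication partners. The sample output and the partner addresses are constructed for illustration.

```python
WINS_REPLICATION_PORT = 42  # TCP port named in the post

# Constructed sample of `netstat -ano` output from a Windows server (not real data).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:42             0.0.0.0:0              LISTENING       1480
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    10.0.0.5:42            10.0.0.9:51544         ESTABLISHED     1480
  TCP    10.0.0.5:4200          0.0.0.0:0              LISTENING       2210
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:42             *:*                                    1480
"""

def _tcp_rows(netstat_text):
    """Yield (local_addr, local_port, remote_addr, state, pid) for TCP rows."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue  # headers, blank lines, and UDP rows (which have no state)
        local_addr, _, local_port = fields[1].rpartition(":")
        remote_addr, _, _ = fields[2].rpartition(":")
        if local_port.isdigit() and fields[4].isdigit():
            yield local_addr, int(local_port), remote_addr, fields[3], int(fields[4])

def find_wins_listeners(netstat_text, port=WINS_REPLICATION_PORT):
    """Return one record per process listening on the WINS replication port."""
    return [
        {"address": addr, "pid": pid, "all_interfaces": addr in ("0.0.0.0", "[::]")}
        for addr, lport, _, state, pid in _tcp_rows(netstat_text)
        if lport == port and state == "LISTENING"
    ]

def unexpected_peers(netstat_text, allowed_partners, port=WINS_REPLICATION_PORT):
    """Return remote hosts connected to the WINS port that are not in the allowlist."""
    peers = {
        remote for _, lport, remote, state, _ in _tcp_rows(netstat_text)
        if lport == port and state == "ESTABLISHED"
    }
    return sorted(peers - set(allowed_partners))

if __name__ == "__main__":
    for hit in find_wins_listeners(SAMPLE_NETSTAT):
        scope = "all interfaces" if hit["all_interfaces"] else hit["address"]
        print(f"TCP/{WINS_REPLICATION_PORT} listening on {scope} (PID {hit['pid']})")
    # 10.0.0.7 is a constructed replication partner address.
    print("Unexpected peers:", unexpected_peers(SAMPLE_NETSTAT, {"10.0.0.7"}))
```

An empty listener list means nothing on the host is accepting WINS replication traffic; a listener bound to all interfaces should be patched and restricted by firewall to its replication partners.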