Security News

A new set of critical vulnerabilities has been disclosed in the Realtek RTL8170C Wi-Fi module that an adversary could abuse to gain elevated privileges on a device and hijack wireless communications. "Successful exploitation would lead to complete control of the Wi-Fi module and potential root access on the OS of the embedded device that uses this module," researchers from Israeli IoT security firm Vdoo said in a write-up published yesterday.

Starting June 8, Amazon will automatically enable a feature on its family of hardware devices, including Echo speakers, Ring Video Doorbells, Ring Floodlight Cams, and Ring Spotlight Cams, that will share a small part of your Internet bandwidth with nearby neighbors - unless you choose to opt-out. Originally announced in September 2019, Sidewalk is part of Amazon's efforts to build a long-range wireless network that leverages a combination of Bluetooth and 900 MHz spectrum to help Echo, Ring, Tile trackers, and other Sidewalk-enabled devices communicate over the internet without Wi-Fi. Sidewalk is designed to extend the working range of low-bandwidth devices, and help devices stay connected even if they are outside the range of a user's home Wi-Fi network.

Aruba announced the Wi-Fi 6E solution set - the 630 Series of campus access points, starting with the AP-635. "With connectivity demands growing exponentially, Wi-Fi 6E can take advantage of up to seven, superwide 160 MHz channels and uncongested bandwidth in the 6 GHz band to deliver unprecedented multi-gigabit and low latency connectivity," said Kevin Robinson, SVP of Marketing at Wi-Fi Alliance.

Edgecore Networks announced the launch of a series of open Wi-Fi access points preinstalled with the Telecom Infra Project OpenWiFi image. Edgecore's TIP OpenWiFi-ready access points offer users an open platform that works straight out of the box and which is also highly customizable.

The boffins' research paper, "Three Years Later: A Study of MAC Address Randomization In Mobile Devices And When It Succeeds," is scheduled to be presented at PETS, the Privacy Enhancing Technologies Symposium, in July, even though it will be four years later than the initial project [PDF]. Written by Naval Academy researchers Ellis Fenske, Dane Brown, Jeremy Martin, Travis Mayberry, Peter Ryan, and Erik Rye, the paper describes the analysis of 160 mobile phones and the extent to which these devices employ MAC address randomization to mitigate tracking vulnerabilities.

Unlucky owners of Eufycam security cameras were horrified earlier today when they opened their app for the equipment and saw video streams from strangers' homes instead of their own. If they haven't already done so, users should unplug and then reconnect their devices, log out of the Eufy security app, and log in again to see the correct feeds.

IEEE 802.11 provides the basis for all modern devices using the Wi-Fi family of network protocols, allowing laptops, tablets, printers, smartphones, smart speakers, and other devices to communicate with each other and access the Internet via a wireless router. Introduced in January 2018, WPA3 is a third-generation security protocol that's at the heart of most Wi-Fi devices with several enhancements such as robust authentication and increased cryptographic strength to safeguard wireless computer networks.

The Orbi Pro WiFi 6 Mini Dual-band Mesh System with its attractive price point is designed for small businesses and home-based offices. With an WiFi 6 multi-node mesh system, the base configuration of an Orbi Pro WiFi 6 Mini system comprises a router and a satellite.

Some bugs date back to 1997, meaning that computers, smartphones or other smart devices as old as 24 years may be vulnerable to attackers in Wi-Fi range. The video below demonstrates three ways attackers can exploit the latest vulnerabilities: By intercepting victims' authentication credentials; abusing insecure internet-of-things devices by remotely flipping a smart power socket on and off; and by serving as a foothold to launch advanced attacks, particularly by hijacking an outdated Windows 7 machine inside a local network.

Newly discovered Wi-Fi security vulnerabilities collectively known as FragAttacks are impacting all Wi-Fi devices going back as far as 1997. "The discovered vulnerabilities affect all modern security protocols of Wi-Fi, including the latest WPA3 specification. Even the original security protocol of Wi-Fi, called WEP, is affected."