Security News
Three years after Apple introduced a menu setting called Private Wi-Fi Address, a way to spoof network identifiers called MAC addresses, the privacy protection may finally work as advertised, thanks to a software fix. "To communicate with a Wi-Fi network, a device must identify itself to the network using a unique network address called a Media Access Control address," Apple explains in its documentation.
The popular D-Link DAP-X1860 WiFi 6 range extender is susceptible to a vulnerability allowing DoS attacks and remote command injection. An attacker within the extender's range can set up a WiFi network and deceptively name it similar to something the target is familiar with but include a tick in the name, like 'Olaf's Network,' for example.
Fun technique – but how practical is it? Some smart cookies at institutions in China and Singapore have devised a technique for reading keystrokes and pilfering passwords or passcodes from...
A new attack dubbed 'WiKI-Eve' can intercept the cleartext transmissions of smartphones connected to modern WiFi routers and deduce individual numeric keystrokes at an accuracy rate of up to 90%, allowing numerical passwords to be stolen. The team found that it's reasonably easy to identify numeric keystrokes 90% of the time, decipher 6-digit numerical passwords with an accuracy of 85%, and work out complex app passwords at an accuracy of roughly 66%. While this attack only works on numerical passwords, a study by NordPass showed that 16 out of 20 of the top passwords only used digits.
ALSO: Euro chip maker breached, crims plan to undermine cyber insurance, and this week's critical vulnerabilities Infosec in Brief No one likes malware, but malicious code that tracks your...
Cybercriminals behind the Smoke Loader botnet are using a new piece of malware called Whiffy Recon to triangulate the location of infected devices through WiFi scanning and Google's geolocation API. Google's geolocation API is a service that accepts HTTPS requests with WiFi access point information and returns latitude and longitude coordinates to locate devices that do not have a GPS system. Smoke Loader is a modular malware dropper that has been around for several years, primarily used in the early stages of a compromise to deliver new payloads.
Public Wi-Fi, which has long since become the norm, poses threats to not only individual users but also businesses. According to the Forbes Advisor the majority of people connect to public Wi-Fi networks that don't require a password.
The SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows machines. "The new malware strain has only one operation. Every 60 seconds it triangulates the infected systems' positions by scanning nearby Wi-Fi access points as a data point for Google's geolocation API," Secureworks Counter Threat Unit said in a statement shared with The Hacker News.
Researchers from Italy and the UK have discovered four vulnerabilities in the TP-Link Tapo L530E smart bulb and TP-Link's Tapo app, which could allow attackers to steal their target's WiFi password. TP-link Tapo is a smart device management app with 10 million installations on Google Play.
Ford has suggested owners of vehicles equipped with its SYNC 3 infotainment system disable the Wi-Fi lest someone nearby exploits a buffer-overflow vulnerability and hijacks the equipment. According to [PDF] Texas Instruments, maker of the vulnerable Wi-Fi chipset in Ford vehicles, the flaw merits a 9.6 on the 10-point CVSS severity scale at the worst, and an 8.8 at minimum.