KRACK Attack: How serious is this?

What is happening?

We will keep this at a high level; if you want the technical details, please read the well-written paper published by the researcher who found the issue (listed in the resources section).

Background

Wireless networks work by broadcasting your network communications openly using radio waves. These radio waves are susceptible to people listening in on them, and even talking over them.

Krack Attack: Everyone who uses WiFi is at risk...Mitigate your risk NOW!

Late Sunday night, it was announced that multiple vulnerabilities were discovered in the widely used Wi-Fi Protected Access II protocol (WPA2) that could make it possible for attackers to eavesdrop on traffic passed between computers and wireless access points. While details are still being released, manufacturers of every wireless router/access point, and every device with wireless access are working towards defining updates that will resolve this vulnerability.

Natural Disasters Bring Out the Best and Worst in People

Over the past several days, the big story in the US has been Category 4 Hurricane Harvey and the flooding and destruction it is leaving in its wake. As with most disasters, Harvey has stirred up the desire in many people to find a way to help with the relief efforts. Unfortunately, this also opens the doors to scammers who want to exploit the generosity of these people.

Fraudulent ADP email attacks becoming more common

Popular payroll company ADP is warning of a sophisticated phishing attack using emails that impersonate ADP business. The attack email in question warns of a Past Due invoice. These emails appear as if an ADP.com account was used as the sender. Mytech has most commonly seen “billing.address.updates@ADP.com”, but other addresses including “Francisca.Hopkins@adp.com” are also common.

SUPERVALU announces intrusion and potential breach of data

SUPERVALU announced on Thursday (7/14/2014) that it experienced a criminal intrusion into its payment card transaction network. The intrusion may have resulted in the theft of account numbers, expiration dates, and cardholders’ names. The intrusion was identified by an internal team and quickly contained. Third-party data experts are assisting in determining the scope of the incident.

Severe "Phishing" Attack Tricks Users Into Giving Up Credentials

Illegitimate spam messages are not just annoying; they often contain threats to your network security. One particularly dangerous form of these threats is what has become known as a "phishing" attack. This involves tricking people into clicking a hyperlink in their email that takes them to what appears to be a legitimate website. Once the user arrives at the fake site, they are usually prompted to enter personal information, and then that personal information can be used by the attacker in a variety of bad ways.

OpenSSL Releases Critical Updates

This is an RCE vulnerability in OpenSSL, and all versions are technically vulnerable. However, this is more of a concern with SSL VPN protocols than with HTTPS. There’s another, separate man-in-the-middle (MITM) vulnerability too, and it’s probably worth updating, but it really shouldn’t be as bad, as both ends of the connection would have to be vulnerable for an exploit to work, and only version 1.0.1 is actually vulnerable on the server side.

Unpatched Zero Day Vulnerability in Internet Explorer 8

Security researchers have released details about a vulnerability in Internet Explorer 8 that could allow bad actors to take control of a computer. At the time of this writing, Microsoft has not released any news of a security update to resolve this vulnerability. While there are some mitigation steps that can be taken to prevent an exploit, Mytech believes that most of our clients are not at elevated risk from an attack.

eBay Data Breach - User Accounts Stolen

Online auction mega-site eBay recently disclosed a major data breach from earlier this year that exposed personal information of an unknown number of users. While the scale of the breach is a bit fuzzy, the fact that the attackers had almost unrestricted access to the company's corporate network for an extended period is very worrisome. eBay maintains that financial data was not accessed, but personal information including physical addresses and dates of birth was in the database that was compromised.

Internet Explorer Zero-Day Exploit for all Windows Operating Systems

A very severe vulnerability has been recently discovered in all versions of Internet Explorer for all versions of Microsoft Windows. This vulnerability would allow an attacker to execute remote code if a user visits a malicious website. This vulnerability is being actively exploited in the wild, which means that there are confirmed cases of attackers targeting websites right now.