#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

wireless attack | Breaking Cybersecurity News | The Hacker News

Category — wireless attack
Snoopy Drone Can Hack Your Smartphones

Snoopy Drone Can Hack Your Smartphones

Mar 25, 2014
The use of unmanned aerial vehicles (UAVS) called Drones is rapidly transforming the way we go to war. Drones were once used for land surveillance, Delivering Pizza's, then equipped with bombs that  changed the way nations conduct war and  now these hovering drones are ready to hack your Smartphones. London-based Sensepoint security researchers have developed a drone called ' Snoopy ' that can intercept data from your Smartphones using spoofed wireless networks, CNN Money reported. The Drone will search for WiFi enabled devices and then using its built-in technology, it will see what networks the phones have accessed in the past and pretends to be one of those old network connections. Spoofing WiFi networks that device has already accessed allows Snoopy Drone to connect with targeted Smartphone without authentication or interaction. In technical terms, The Drone will use ' Wireless Evil Twin Attack ' to hack Smartphones. Once connected...
Hackers targeting non-browser applications with Fake SSL Certificates

Hackers targeting non-browser applications with Fake SSL Certificates

Feb 13, 2014
Having SSL Certification doesn't mean that the website you are visiting is not a bogus website. SSL certificates protect web users in two ways, it encrypts sensitive information such as usernames, passwords, or credit card numbers and also verify the identity of websites. But today hackers and cyber criminals are using every tantrum to steal your credentials by injecting fake SSL certificates to the bogus websites impersonating Social media, e-commerce, and even bank website. Netcraft Security Researchers have discovered dozens of fake SSL Certificates being used to enact financial institutions, e-commerce site vendors, Internet Service Providers and social networking sites, which allegedly allows an attacker to carry out man-in-the-middle attacks. When you will visit a bogus website from any popular web browser; having self signed fake SSL Certificate, you will see a foreboding warning in the web browser, but the traffic originates from apps and other non-browser software fail...
7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

Dec 04, 2024Risk Management / Zero Trust
Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and poor access management.  Privileged accounts with access to your critical systems and sensitive data are among the most vulnerable elements in cloud setups. When mismanaged, these accounts open the doors to unauthorized access, potential malicious activity, and data breaches. That's why strong privileged access management (PAM) is indispensable. PAM plays an essential role in addressing the security challenges of complex infrastructures by enforcing strict access controls and managing the life cycle of privileged accounts. By employing PAM in hybrid and cloud environments, you're not...
Chainfire's Pry-Fi Android App released to defend against NSA Spying under Public Wi-Fi

Chainfire's Pry-Fi Android App released to defend against NSA Spying under Public Wi-Fi

Feb 01, 2014
Turn your face in any direction, someone is always trying to spy on you; doesn't matter who and what you are? Just yesterday we reported that Communications Security Establishment Canada (CSEC) in Canada and NSA are together, running a spying program called ' game-changer '. It was revealed that the agencies are tracking all the travelers who passed through the airport terminal, and could be tracked throughout the country by referencing it with the intercepted information from Wi-Fi in cafes, libraries and other public places. Today XDA Senior Recognized Developer ' Chainfire ' has released a new Android app called Pry-Fi , that allow a user to disable Wi-Fi completely, including the background network scanning.  Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks. ' Retailers, crooks, the government, and other...
cyber security

The AppSec & R&D Playbook: How to Align Security and Innovation

websiteBackslashApplication Security
AppSec vs. R&D? Bridge the gap with clear steps to streamline workflows and foster collaboration.
Hacking Wireless DSL routers via Administrative password Reset Vulnerability

Hacking Wireless DSL routers via Administrative password Reset Vulnerability

Jan 04, 2014
If you want to hack a Netgear and Linkys Wireless Routers , there is a quick backdoor entry available, that allow an attacker to reset the admin panel password to defaults. Eloi Vanderbeken , a hacker and reverse-engineer from France has discovered an administration password Reset vulnerability in many Netgear and Linkys Routers. In a blog post , Eloi said that During Christmas Holidays he forgot the admin interface password of his Linksys WAG200G router and in an effort to gain access back of its administration panel, he first scanned the Router and found a suspicious open TCP port i.e. 32764. To do further research on this port service, he downloaded a copy Linksys firmware and reverse-engineered it. He found was a secret backdoor interface that allowed him to send commands to the router from a command-line shell without being authenticated as the administrator. Then he blindly tested commands, but doing so flips the router's configuration back ...
Smartphone wireless chipset vulnerable to DoS attack

Smartphone wireless chipset vulnerable to DoS attack

Oct 25, 2012
Security researcher Andres Blanco from CoreSecurity discovered a serious vulnerability in two Wireless Broadcom chipsets used in Smartphones. Broadcom Corporation, a global innovation leader in semiconductor solutions for wired and wireless communications. Broadcom BCM4325 and BCM4329 wireless chipsets have been reported to contain an out-of-bounds read error condition that may be exploited to produce a denial-of-service condition. Other Broadcom chips are not affected. The CVE ID given to issue is  CVE-2012-2619 . In advisory they reported that this error can be leveraged to denial of service attack, and possibly information disclosure. An attacker can send a RSN (802.11i) information element, which causes the Wi-Fi NIC to stop responding. Products containing BCM4325 chipsets: Apple iPhone 3GS Apple iPod 2G HTC Touch Pro 2 HTC Droid Incredible Samsung Spica Acer Liquid Motorola Devour Ford Edge (yes, it's a car) Product...
Expert Insights / Articles Videos
Cybersecurity Resources