Category: Security

Stuff and Things...

xkcd Password Generator

xkcd Password Generator

I had a conversation with my in-laws this past week we got into a conversation about their wifi password. Basically, they have an ATT router setup where the password is on the underside of the modem. This password is something like “7%b6c9m4k”. No one can ever remember it. The best you can do is take…
Read more

'Siri, I'm getting pulled over'

‘Siri, I’m getting pulled over’: A new shortcut for iPhones can automatically record the police

This is quite interesting and I’m pretty amazed it has taken so long for this to be created. (via businessinsider.com) tl;dr A big new feature for iPhones this year is Shortcuts, an app that lets you write scripts for the iPhone. One widely shared shortcut is called Police, which records police interactions and texts a…
Read more

Why Gets You Root

Why “blank” Gets You Root

In case you haven’t heard the new there is a massive security flaw in macOS, which allows anybody to log into the root account with a blank password. The flaw was discovered by Lemi Orhan Ergin (@lemiorhan): Read the whole article

Key Reinstallation Attacks Breaking WPA2 by forcing nonce reuse

Key Reinstallation Attacks Breaking WPA2 by forcing nonce reuse

Researcher Mathy Vanhoef of imec-DistriNet hax found a critical flaw in the current WPA2 protocol. We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to…
Read more

Equifax+Hacked

massive Equifax Hack blowback

of course you can “check yourself” at their site A team of lawyers, including former Georgia Gov. Roy Barnes, has filed a class-action lawsuit against Equifax over the massive data breach that has compromised the personal information of more than 140 million U.S. consumers. The lawsuit filed in U.S. District Court in Atlanta faults Equifax…
Read more

Tractor Hacking

Tractor Hacking

Motherboard takes a look into the now common practice that many of America’s farmers are getting into, Tractor Hacking. To avoid the draconian locks that John Deere puts on the tractors they buy, farmers throughout America’s heartland have started hacking their equipment with firmware that’s cracked in Eastern Europe and traded on invite-only, paid online…
Read more

Distributed Denial of Service Attacks: Four Best Practices for Prevention and Response

Distributed Denial of Service Attacks: Four Best Practices for Prevention and Response

Good read on new DDoS methods and response from Carnegie Mellon. “We have recently seen more sophisticated attacks, such as the recent Dyn attack. As IEEE Spectrum recently reported, “Attacking a DNS or a content delivery provider such as Dyn or Akamai in this manner gives hackers the ability to interrupt many more companies than…
Read more