Friday, September 28, 2018

The Facebook Security Meltdown Exposes Way More Sites Than Facebook

The social networking giant confirmed Friday that sites you use Facebook to login to could have been accessed as a result of its massive breach.

from
https://www.wired.com/story/facebook-security-breach-third-party-sites

Facebook's Massive Security Breach: Everything We Know

Up to 50 million Facebook users were affected—and possibly 40 million more—when hackers compromised the social network's systems.

from
https://www.wired.com/story/facebook-security-breach-50-million-accounts

Voting Machines Are Still Absurdly At Risk

A new report details dozens of vulnerabilities across seven models of voting machines—all of which are currently in use.

from
https://www.wired.com/story/voting-machine-vulnerabilities-defcon-voting-village

Thursday, September 27, 2018

Wednesday, September 26, 2018

Monday, September 24, 2018

Friday, September 21, 2018

AirCheck G2 gets a v3

You may recall my blog post year lauding the version 2 firmware for the Netscout G2. I’m very pleased that Netscout has continued product development, taking feedback from users (including myself) on ways to further improve the already-awesome AirCheck G2. I’ve been working with the v3 firmware for the AirCheck for a bit over a month now and I’m happy to report in with my new favorite improvements – all delivered via a software update under a current support contract!

1) Improved packet captures

One of the things I didn’t write about last time was the ability to do packet captures that was introduced in v2. Admittedly, it felt somewhat half-baked and there are two very important enhancements that make this the tool I always hoped it would be. Firstly, we get the ability to slice packets. Those of you familiar with packet captures will know that in the vast majority of cases, we’re interested with the beginning of the 802.11 frames (since the payload is commonly encrypted). The ability to slice packets means that we can get very valuable packet-level analysis without capturing the entire frame!

Note the 'Slice Size' link set to 64 B

Packet slicing

Secondly (and leading directly into my next favorite thing) is a *much* easier way to get the actual packet captures off of the AirCheck. In the past (and in addition to dealing with file sizes that were needlessly cumbersome), you’d have to grab the AirCheck G2 Desktop software and hook your AirCheck up to a computer to copy the capture off. Now you can just plug in an ethernet cable and the upload the tests right into the Link-Live service that comes included with your AirCheck! From there, you can download the raw .pcap file for use in your favorite packet capture analysis tool (Omnipeek, CloudShark, WireShark, Wi-Fi Analyzer, etc).

Download your packets here!

.pcap files in Link-Live

2. Cloud (Link-Live all the things)

You may have guessed from my above comments that the Cloud enablement is right up there on my list of awesome things that this update brings. With a notable decrease in reliance on the Windows-only desktop application, the improved Link-Live integration now supports a whole slew of AirCheck uploads including:

  • Full AutoTest results
  • Session files
  • Screenshots
  • Packet captures (mentioned above)
  • Job, location, comments

Further reliance on the Link-Live portal is clearly a huge focus for the AirCheck team and they’ve delivered on many key integrations to help our field teams get data off of the AirCheck G2s in a timely fashion. In addition to being able to pull files off of the AirChecks enabled by Link-Live, the ability to push profiles lands squarely in the ‘awesome to have’ column. Being able to upload pre-configured profiles to your fleet units removes much of the inconsistencies that large teams can sometimes run across. 

3. Over the network firmware updates

Last, but certainly not least of the new features, the ability to do over-the-network firmware updates means that you no longer have to have access to a USB cable and Windows machine just to get all of the future improvements that Netscout is clearly on track to deliver. For an awesome product that continues to get software based improvements that genuinely move the needle, this feature changes the game for getting current software onto our AirChecks. Simply plug the unit into a working network connect and click the ‘Check for Software Updates’ and you’re good to go!

Right from the UI!

Software Update

Way to go Netscout team for bring a truck load of features to an already indispensable tool. Making new features that people will actually use (as opposed to the bloat we commonly see) is not only a refreshing take from the Netscout team, but continues to make the AirCheck G2 the best in Wi-Fi handheld triage tools. If you’ve not gotten your hands on an AirCheck G2 by now, you’re missing out.



from
https://sc-wifi.com/2018/09/21/aircheck-g2-gets-a-v3/

Cloudflare Embraces Google Roughtime, Giving Internet Security a Boost

Syncing clocks online is vital to web security.

from
https://www.wired.com/story/clouldflare-google-roughtime-sync-clocks-security

Monday, September 17, 2018

Saturday, September 15, 2018

Kid-Focused Apps Track Location, UK Spying, and More Security News This Week

In security news this week, some apps for children may violate privacy laws, State Department devices might be less secure than your Instagram account, and more.

from
https://www.wired.com/story/location-tracking-apps-target-kids

Tuesday, September 11, 2018

How Hackers Slipped by British Airways' Data Defenses

Security researchers have detailed how a criminal hacking gang used just 22 lines of code to steal credit card info from hundreds of thousands of British Airways customers.

from
https://www.wired.com/story/british-airways-hack-detaeils

Monday, September 10, 2018

Sunday, September 9, 2018

Everything You Should Do Before You Lose Your Phone

Misplacing your smartphone—or worse, having it stolen—is awful. But you can at least minimize the damage with a few easy steps.

from
https://www.wired.com/story/lost-stolen-phone-what-to-do

Friday, September 7, 2018

Fake Beto O'Rourke Texts Expose New Playground for Trolls

Someone hijacked a volunteer tool to make it look like Beto O'Rourke encouraged voter fraud—and that could just be the beginning.

from
https://www.wired.com/story/fake-beto-orourke-texts-expose-new-playground-for-trolls

Popular Mac App Adware Doctor Actually Acts Like Spyware

Adware Doctor has long been one of the top-selling apps in the Mac App Store. But researchers say it harvested browsing data, and sent it to China.

from
https://www.wired.com/story/adware-doctor-mac-app-store-spyware

Thursday, September 6, 2018

Twitter Finally Bans Alex Jones—Over a Publicity Stunt

After years of abuse and spreading conspiracy theories, Alex Jones finally went too far for Twitter with a relatively tame rant.

from
https://www.wired.com/story/twitter-bans-alex-jones-infowars

DoJ Charges North Korean Hacker for Sony, WannaCry, and More

The Department of Justice has taken its first legal action against North Korea's cybercrimes, in a massive complaint made public Thursday.

from
https://www.wired.com/story/doj-north-korea-hacker-sony-wannacry-complaint

Wednesday, September 5, 2018

Facebook and Twitter's Biggest Problems Follow Them to Congress

As Jack Dorsey and Sheryl Sandberg testified before Congress, some of Twitter and Facebook's most notorious trolls and misinformation artists watched on.

from
https://www.wired.com/story/facebook-twitter-congress-testimony-dorsey-sandberg

How Trump Could Trigger Armageddon With a Tweet

Times have changed. The president is being held in check by terrified aides who are trying to keep his worst impulses in check. But disaster may only be a tweet away. Here's how it could happen.

from
https://www.wired.com/story/how-trump-could-trigger-armageddon-with-a-tweet

Tuesday, September 4, 2018

How to Watch Twitter and Facebook Testify Before Congress Wednesday

Twitter CEO Jack Dorsey and Facebook COO Sheryl Sandberg will field questions about foreign interference, perceived bias, and more.

from
https://www.wired.com/story/watch-jack-dorsey-twitter-sheryl-sandberg-facebook-testify-congress

Jon Kyl Will Take McCain's Senate Seat

The governor of Arizona announced Tuesday that Jon Kyl will replace the Senate seat vacated by the late John McCain. He may now further push to regulate tech giants like Facebook.

from
https://www.wired.com/story/jon-kyl-senate-facebook-tech-regulation

How Chrome Spent a Decade Making the Web More Secure

Ten years after Chrome debuted, a look back at how the browser redefined security online.

from
https://www.wired.com/story/chrome-decade-making-the-web-more-secure

Google Wants to Kill the URL

"Whatever we propose is going to be controversial. But it’s important we do something, because everyone is unsatisfied by URLs. They kind of suck."

from
https://www.wired.com/story/google-wants-to-kill-the-url

Senator Mark Warner Is Not Happy With Google

The vice chairman of the Senate Intelligence Committee talks about the search giant's glaring absence at this week's committee hearings, and the White House's #stopthebias campaign.

from
https://www.wired.com/story/mark-warner-senate-committee-hearing-google-facebook-twitter

Saturday, September 1, 2018