AirPatrol study finds almost 100 unauthorized WiFi access points at convention
Of all the events you might attend, you'd think a security convention would be the least likely place to have attendees hopping onto "free public WiFi" and other insecure connections.
Unfortunately, you'd be wrong.
In fact, a network monitoring study conducted at last week's RSA Conference by wireless security vendor AirPatrol turned up 2,792 WiFi client devices, including smartphones, PDAs, and laptops. All were devices that wouldn't have shown up on the scan if they had been properly secured.
Some 94 "unofficial" access points accounted for much of the traffic, according to AirPatrol. These wireless networks were determined to be unsanctioned by show organizers, and some of them may have been "rogues" that were insecure or even built to siphon data from unsuspecting users.
The scan also turnd up 35 "ad hoc" WiFi networks with common Service Set Identifiers (SSIDs), such as Linksys, Free Public WiFi, and hpsetup. Ad hoc networks often have no firewall on the wireless interface, leading to potential security problems, AirPatrol noted.
"Amazingly, some of the world's leading IT security professionals still think of wireless security as an afterthought, and our RSA Conference wireless monitoring results demonstrate there is still a disconnect between what they practice and what they preach," says Ozzie Diaz, CEO of AirPatrol.
Source.
skip to main |
skip to sidebar
netizens left a footprint.
If you're lazy to hack, get all the news here!
= Why =
As a super user of the Information Highway, I hope to share my knowledge, inculcate the security culture, and to create security awareness amongst the less savvy users.
Welcome, if you're lazy to hack. :)
Welcome, if you're lazy to hack. :)
:: Twitter Feed ::
= Latest Virus Alerts =
= Safe Web Browsing Tips =
= Daily Reads =
- Security Focus
- Dark Reading
- SecurityPro News
- Net-Security
- Hacker Journals Newspaper
- MadMark's Blog
- Naked Security (Sophos)
- Sunbelt Blog
- Harry Waldron - IT Security
- Optimal Security : the Lumension Blog
- TrendLabs Malware Blog
- MX Labs - Acquired taste for SPAM viruses
- IT & Security Portal
- CSIRT
- NIST
- SANS Forensics
- HackInTheBox
- BlogSecurity.Net
- RSA: Speaking of Security
- Roger's InfoSec Blog
- Snapcrackerz
- Reverse Engineering (misunderstood)
- Hacking for Windows
- Cybexin Security Blog
- Security Monkey
- High value RSS feeds list
= On the go =
= Archives =
-
▼
2009
(115)
-
▼
April
(15)
- Adobe Reader, hit with another Zero-Day
- Beware of Facebook phishing attack
- At RSA, Security Pros don't practice what they preach
- Spammers piggyback on Swine Flu outbreak
- Company hires hacker kid, kid keeps hacking
- Connecting the dots: Downadup/Conficker Variants
- AVG Releases Free Real-Time Search Virus Scanner
- When Google Search Becomes Malware Trap
- Conficker Becomes 'Downdac', a Waledac Zombie
- New Attack Sneaks Rootkits Into Linux Kernel
- Resurrection Of Conficker?
- Facebook, Privacy and Contracts
- Zero-Day PowerPoint Attacks Under Way
- Public Search Engines Mine Private Facebook Details
- Facebook's hot body dance videos and malware
-
▼
April
(15)
Labels
- 2FA (5)
- Acrobat reader (16)
- Adobe (29)
- Adware (1)
- Aerospace (2)
- AirDrop (1)
- AISP (1)
- Alphabet (1)
- Amazon (5)
- Android (40)
- Anonymous (4)
- anti-phishing (2)
- antivirus (14)
- AOL (3)
- Apple (73)
- Apple Pay (1)
- AppStore (2)
- APT (4)
- Ashley Madison hack (3)
- AsiaPac (2)
- Asus (1)
- AT&T (1)
- Aurora (6)
- Australia (2)
- AVG (3)
- badUSB (3)
- Baidu (1)
- Bank (2)
- Bash Bug (5)
- bebo (1)
- biometric (1)
- BitTorrent (2)
- Blackberry (5)
- Blackhat Asia (1)
- Blackhole (2)
- blogging (4)
- Blu-ray (1)
- bootable CDs (5)
- Bootkit (1)
- bot net (15)
- breach (39)
- brute force (3)
- BSOD (1)
- car alarms (1)
- Care2.com (1)
- CelebGate (7)
- Censys (1)
- Child safety (1)
- China hacking (21)
- Cisco (2)
- clickjacking (4)
- Cloud computing (5)
- Cloud Security (8)
- Conference (1)
- conficker (6)
- Conventions (5)
- cracking (2)
- CryptoLocker (3)
- Cyber Threat Alliance (1)
- CyberSecurity (12)
- Cybersquatting (1)
- D-link (1)
- data theft (34)
- DDOS (9)
- defaced website (7)
- defcon (1)
- Dell (1)
- directory harvesting attack (1)
- DIY (1)
- DNS cache poisoning (2)
- downadup (5)
- Drive-by attack (4)
- Dropbox (2)
- eBay (2)
- education (1)
- email (24)
- encryption (10)
- espionage (3)
- events (9)
- exploit (11)
- facebook (97)
- facebook messenger (1)
- FaceTime (1)
- fake jobs (1)
- fakeAV (1)
- FireEye Optus (2)
- firefox (11)
- Flash (8)
- Fortinet (1)
- fraud (8)
- free download (7)
- freeware (2)
- friendster (14)
- FrP (1)
- Gartner (1)
- Ghost (1)
- GitHub (1)
- gmail (12)
- google (59)
- Google buzz (1)
- google chrome (11)
- google earth (1)
- Google+ (1)
- Government Initiatives (5)
- GPS (1)
- GSM (3)
- hack (2)
- hacked (40)
- hardware (1)
- Hi5 (2)
- hoax (8)
- hotmail (5)
- HTTPS (1)
- iCloud (11)
- identity theft (70)
- illegal software (2)
- infection (47)
- Instagram (2)
- Internet (2)
- internet explorer (25)
- Internet of Things (4)
- Investment (1)
- iOS (19)
- IoT (4)
- iPad (6)
- IPcam (1)
- iphone (45)
- iPhone 5 (2)
- iPhone 6 (6)
- ISIS (2)
- ISP (1)
- ITSC (1)
- iTunes (6)
- iWorm (1)
- jailbreak (4)
- Japan (1)
- Japan Airlines (1)
- Java (1)
- javascript (8)
- Kaspersky (1)
- keylogger (1)
- kids (1)
- Kindle (1)
- koobface (1)
- leaked (3)
- Legacy (1)
- Lenovo (2)
- LinkedIn (1)
- Linux (18)
- Lizard Squad (1)
- Lollipop (2)
- Lulzsec (2)
- Lumia (1)
- Mac OS (12)
- Malaysia Airlines (1)
- malicious code (36)
- Malware (27)
- megaupload (1)
- microsoft (39)
- microsoft office (3)
- MITM attack (1)
- mobilephone (41)
- mouse (1)
- MPAA (1)
- msn (3)
- myspace (11)
- myyearbook (1)
- NAS (1)
- NASDAQ (1)
- Natural disaster (5)
- Netflix (1)
- NICs (1)
- Nokia (3)
- North Korea (2)
- NSA (2)
- Online shopping (3)
- opera (1)
- Operation Pawn Storm (1)
- OS X (2)
- Osama bin Laden (1)
- P2P (1)
- password (22)
- Paypal (2)
- pcAnywhere (1)
- phishing (51)
- Photoshop (1)
- Pinterest (2)
- piracy (1)
- Playstation (3)
- Political (2)
- powerpoint (1)
- privacy (25)
- PwC (1)
- Pwn2Own (4)
- Quicktime (1)
- ransomware (7)
- RIAA (2)
- rootkit (8)
- Routers (2)
- RSA (4)
- safari (8)
- samsung (2)
- scam (54)
- scareware (4)
- Search Engine Optimization (1)
- Search engine poisoning (10)
- security awareness (8)
- Security Operation Centre (4)
- self muse (1)
- seminar (1)
- SEO (1)
- ShellShock (5)
- Shodan (1)
- Shortened URL (1)
- Silent Circle (1)
- Singapore (9)
- Singtel (2)
- Siri (1)
- skype (6)
- Smartphone (23)
- sms (6)
- SnapChat (1)
- Snappening (2)
- social engineering (13)
- social networking (70)
- Sony (7)
- Sony Ericsson (2)
- SOPA (1)
- spam (29)
- spoofing (1)
- spyware (7)
- SQL (6)
- SQL injection (4)
- SSH backdoor (2)
- Stagefright (3)
- Steam (1)
- Stratfor (2)
- SuperFish (2)
- surveillance (2)
- Symantec (9)
- Techdays (2)
- terrorist (1)
- thoughts (2)
- ThuderBolt (1)
- tips (1)
- Tor (1)
- TorLocker (2)
- training (1)
- trojan (46)
- tumblr (2)
- Twitch (1)
- twitter (44)
- typosquatting (1)
- U2 (1)
- Unix (6)
- USB (9)
- virus (30)
- visibility (1)
- VOIP (1)
- vulnerability (12)
- war texting (1)
- Web Application Scanner (1)
- web browser (19)
- Whatsapp (5)
- WiFi (5)
- Windows (8)
- Windows 10 (1)
- Windows 7 (9)
- Windows 8.1 (2)
- Windows Live (1)
- Windows mobile (3)
- Windows Phone (1)
- Windows Vista (2)
- wireless (2)
- WireLurker (4)
- word (2)
- WordPress (9)
- worm (8)
- WormHole (1)
- Xbox (2)
- Xcode (1)
- XSS (4)
- yahoo (12)
- Yahoo Messenger (1)
- Youtube (6)
- zero day (12)
- zero day plus one (1)
netizens left a footprint.
= Disclaimer =
The author is not responsible for the actions, content or accuracy of the opinions expressed in Lazy2Hack, nor for privacy policies, products or services or for any damages or losses, directly or indirectly, caused or alleged to have been caused as a result of your use or reliance on such information. The views, conclusions, findings and opinions of the author are solely those of the author and do not necessarily reflect the views of the government of the author's local precinct or any other organization which the author may represent.
This website/blog includes links to other sites operated by third parties. These links are provided as a convenience to you and as an additional avenue of access to the information contained therein. The author has not reviewed all of the information on other sites and are not responsible for the content of any other sites or any products or services that may be offered through other sites. The inclusion of these links in no way indicates their endorsement, support or approval of the contents of this site or the policies or positions of Lazy2Hack.
The author reserves the right to edit, remove or deny access to content that is determined to be, in his sole discretion, unacceptable.
This website/blog includes links to other sites operated by third parties. These links are provided as a convenience to you and as an additional avenue of access to the information contained therein. The author has not reviewed all of the information on other sites and are not responsible for the content of any other sites or any products or services that may be offered through other sites. The inclusion of these links in no way indicates their endorsement, support or approval of the contents of this site or the policies or positions of Lazy2Hack.
The author reserves the right to edit, remove or deny access to content that is determined to be, in his sole discretion, unacceptable.