Category: Threats & Vulnerabilities

Learn about the different types of threats facing our networks and systems

The Sony Pictures Entertainment Hack: A Look at the Evidence We Have

Note: Much of this information comes from an official affidavit, The United States of America vs. Park Jin Hyok, also known as ("aka") "Jin Hyok Park," aka "Pak Jin Hek," (United States District Court for the Central District of Caliornia June 8, 2018). If you want to review the entire 179-page document, it's available at https://www.justice.gov/opa/press-release/file/1092091/download. The ...

Security Researchers Confirm an Additional 7,500 Hacked MikroTik Routers Spying on Network Traffic

MikroTik is a Latvian company which was founded in 1996 to develop routers and wireless ISP systems. The company is predominantly known for its RouterOS software system. With distributors located all around the world, including the United States, MikroTik should sound fairly familiar even though this is primarily a Cisco-dominant networking world. In July, researchers ...

PenTest Edition: Creating an Evil Twin or Fake Access Point Using Aircrack-ng and Dnsmasq [Part 2 – the Attack]

If you haven't already begun the initial startup, you'll need to go back to PenTest Edition: Creating an Evil Twin or Fake Access Point Using Aircrack-ng and Dnsmasq [Part 1 - Setup] and update Aircrack-ng and configure the dnsmasq configuration file. After that, you can come back here and begin the attack. The information provided ...

PenTest Edition: Creating an Evil Twin or Fake Access Point Using Aircrack-ng and Dnsmasq [Part 1 – Setup]

Before I start, I hope you already have a great understanding of 802.11 networks! A "Fake Access Point (AP)" is a type of wireless network attack in which an attacker uses software to create a malicious AP that is live and broadcasting out to wireless clients. Fake APs are rogue, and often times, the Service ...

The Recent 4G LTE Network Vulnerabilities and Attacks

In this blog post, I'll discuss the design and operation of a 4G LTE network. In hindsight, I realize topics such as these can get extremely lengthy. For that reason, I'll limit this discussion down to only the necessary technical details required to understand these new LTE attacks, while excluding any complicating, non-essentials. These new ...