Wi-Fi Networks to Receive a Massive Security Upgrade: Wi-Fi Alliance Launches WPA3

Yesterday, the Wi-Fi Alliance announced the long-awaited, next generation in Wi-Fi security, WPA3. After 15 years, WPA3 will now begin to replace the existing WPA2 protocol, which is currently used by billions of wireless devices every day. For quite some time, WPA2 has long been considered insecure. It has always been vulnerable to brute force ...

PenTest Edition: Capture Images That Network Users Are Looking at Using Driftnet and WebSploit

WebSploit is an advanced MitM framework of penetration testing tools used to assess wired/wireless network security, web vulnerabilities, and exploitation techniques. This demonstration uses the network/mitm module to set up a Man-in-the-Middle (MitM) attack between the target and the gateway in addition to using Driftnet to steal any unencrypted (and possibly encrypted) images that the ...

Over 3,000 iOS and Android Apps Leak 100 Million User Sensitive Records via Misconfigured Firebase Backends

When building an app that needs to store and share data from a server, software developers can rely on Google's Firebase Realtime cloud-hosted database. This Infrastructure as a Service (IaaS) removes serious time constraints by providing app developers with maintenance and support, offline support, and real-time synchronization of data with clients in real-time. And, since ...

KRACK Attacks: Key Reinstallation AttaCKs that Break WPA2

This is something I covered last year, but I wanted to go more in-depth in this topic now that there is more information on it. Our Wi-Fi wireless networks are currently protected by a security encryption protocol called "Wi-Fi Protected Access 2 (WPA2)." In the previous decades before, our wireless networks depended on a legacy ...