Threat: Rogue access points and Evil Twins pose risks on open networks. Solution: Users: disable automatic connection to wifi networks. Businesses: use network segmentation and devices that provide intrusion and malware detection. URL: https://www.helpnetsecurity.com/2016/03/14/rogue-access-point-rsa-conference/ In this article the authors set up an open access point at RSA Conference configured to use some common SSID’s. Interestingly […]

Threat: Multiple Passcode Bypass Vulnerabilities Discovered in iOS 9 Solution: Disable the Siri module and Events Calendar without passcode, along with the public Control Panel with the timer and world clock. Users should also activate the weather app to prevent the redirect. URL: http://www.securityweek.com/multiple-passcode-bypass-vulnerabilities-discovered-ios-9 This is a pretty big vulnerability that requires very little technical […]

Threat: DROWN attack places more than 11 million websites at risk. Solution: OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2g and OpenSSL 1.0.1 should upgrade to OpenSSL 1.0.1s. If you are using another version of OpenSSL, you should move to the newer versions. You should also ensure SSLv2 is disabled, as well as make sure […]