Posts

Showing posts from November, 2017

Ransomware Prevention Tips

During recent times in last 6 months, we have seen very deadly ransomware attacks across the world -"Wannacry" and "Petya" ransomware. With these 2 ransomwares hiting the market, even a common man has been able to understand the importance of cyber security. Soon android ransomware might also be coming up in which can create a havoc situation for a normal user, where entire phone will be formatted and all data will be lost. While ransomware does only encrypt files/folders and makes it inaccessible, the most important part of the prevention tips here is Backup of Data. Users in organizations will be prevented as organizations do follow strict protection guidelines, but still travelling users will still need to bit cautions. Back Up your Data at regular intervals. This drive should not be connected to infected system, till clean up is done Do not open unknown suspicious mails or attachments. Try not to click on any hyperlinks that are circulated throug

KRACK (Key Reinstallation AttaCK)

Image
KRACK (Key Reinstallation AttaCK) Brief, Impact, Recommendation & References Introduction A severe flaw in most secured WPA2 Protocol of WIFI Standard, successful exploitation of which allow an attacker in range of WIFI enabled devices or network to read data in transit (i.e. such as username, password and credit card details etc.) and is potentially at risk of leakage and can modify depends on WIFI implementations.  The Weakness is in the WI-FI standard itself and thus even secured implemented WPA2 WIFI network can also be prone to attack. KRACK ( K ey R einstallation A tta CK ) exploit a weakness in Four-way handshake process between a user’s device trying to connect and a WI-FI Network. It allows an attacker unauthorized access to the network without knowing the password and the possibility of performing Man-In-The-Middle Attack to sniff or modifying the data. KRACK Attack: Example against 4-way handshake   In a key reinstal