On October 16, 2017, researchers at the University of Leuven released a report regarding vulnerabilities in wireless networking standards: WPA and WPA2. These are the IT industries primary standards and methods for wireless (WiFI) networking communications.
This vulnerability affects a wide range of devices including those running operating systems from Android, Apple, Linux, OpenBSD and Windows.
“Depending on the network configuration, it is also possible to inject and manipulate data,” the researchers continued. “For example, an attacker might be able to inject ransomware or other malware into websites. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected.”
This vulnerability cannot be exploited remotely. An attacker would need to be in close proximity to the hardware device and the Access Point.
The resolution consists of the creation of software/firmware updates, by hardware manufacturers, for their wireless equipment.
If you are a TCE Company managed services customer, updating of network equipment is included in your MSP agreement, we are already reviewing your environment, and will be reaching out to schedule updates if necessary.
Users of Avast-owned security application CCleaner version 5.33 for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast's own figures, 2.27 million ran the affected software, though the company said users should not panic.
The malware would send encrypted information about the infected computer - the name of the computer, installed software and running processes - back to the hackers' server. The hackers also used what's known as a domain generation algorithm (DGA); whenever the crooks' server went down, the DGA could create new domains to receive and send stolen data. Use of DGAs shows some sophistication on the part of the attackers.
Moving Forward: Users can download CCleaner 5.34 from Avast’s website if they haven’t already done so. Previous releases are also still available on the company’s website, but the infected version has been removed from the company’s servers. You’ll also want to perform an anti-virus scan on your computer.