Cisco AP Skyjacking

This latest vulnerability on Cisco WLAN (AP Skyjacking) points out the importance for customers to deploy overlay WIPS to have a zero day response capabilities in place. Making changes to your WLAN controller, APs, and firewalls takes time and new vulnerabilities like this will continue to surface.  A dangerous exploit that can be carried out using this vulnerability… Read More

Is skyjacking a mere DoS threat against Cisco WLAN?

Skyjacking vulnerability which allows Cisco LAP to be diverted to connect to rogue controller by manipulating OTAP could be more dangerous than what has been clarified by Cisco in its advisory. The advisory says that “An exploit could prevent the device from functioning properly, resulting in a DoS condition. There is no risk of data loss… Read More

Cell Phone Jamming in Prisons – Could it be done?

I recently read a statement put out by Senator Kay Bailey Hutchison urging support for her bill, ” The Safe Prisons Communications Act creates a framework for the FCC to test and approve jamming equipment and to review applications from corrections facilities seeking to install cell phone jammers. Most importantly, to ensure the integrity of… Read More

SSLstrip: Even Careful Users Can Be Trapped by Wireless Honeypots

Moxie Marlinspike presented SSLstrip at Blackhat early this year. The author made observation as to how most people initiate access to secure (HTTPS) websites using insecure connection (HTTP) which creates opportunity for the man-in-the-middle (MITM) attacker to get into the middle of the connection without flashing certificate mismatch message on the user’s machine. It is… Read More

WiFish Finder: WiFi Honeypot vulnerability assessment made simple

What % of WiFi laptop users in your organization are vulnerable to WiFishing attacks? The odds are very high that you don’t have an exact answer.   WiFish Finder is a tool for assessing whether WiFi devices active in the air are vulnerable to ‘Wi-Fishing’ attacks. Assessment is performed through a combination of passive traffic… Read More