Latest article on #HackTheBox authored with Ayush Sahay (felamos) from the Hack The Box team. Using Hack The Box machine Wifinetic to explore wireless network vulnerabilities. In this case a WPS PIN attack. WPS PIN attacks: How to crack WPS-enabled Wi-Fi networks with Reaver Level up your Wi-Fi hacking! Understanding WPS and its older vulnerabilities is a good intro to wireless network security and how to detect, exploit, and mitigate them. #hackthebox, #penetrationtesting, #ethicalhacking, #upskilling https://lnkd.in/ghf9vkNC
David Glance’s Post
More Relevant Posts
-
... Moreover, blocking ports 80 (HTTP), 22 (SSH), and 23 (TELNET) on devices that are public facing should be a no-brainer to mitigate this type of attack, Gates notes. "I would never leave one of those ports open on any device — even if they were completely not accessible from the Internet," he says. "When organizations leave them accessible, they are directly contributing to the botnet problem." ... So funny story. I won't name the vendor...but I had this 1 vendor, that whenever they were doing troubleshooting on their public facing nodes for our network, the first step was always "down the firewalls and see if packet filtering is causing the problem." Then forget to bring the FW back up...and we were riddled with cryptomining malware. They were such an incredible PITA to work with. https://lnkd.in/esD5BS4c
Mirai Variant Opens Tenda, Zyxel Gear to RCE, DDoS
darkreading.com
-
“Old Pixie Dust” exploit in early 2023
The ubiquity of Wi-Fi routers and access points in modern computing infrastructure cannot be overstated. However, despite being the most widely used network devices, these devices remain one of the most vulnerable entry points for malicious attacks. The purpose of this article is to highlight the vulnerabilities associated with Wi-Fi routers and access points, with a particular emphasis on one of the most well-known vulnerabilities - the Pixie Dust attack. The Pixie Dust vulnerability has been known for several years, and despite the availability of protection measures, today many routers remain vulnerable to this attack. During the last 6 months, about 15 thousand access points were detected with the Stryker app with an actual confirmed vulnerability to the Pixie Dust exploit. The statistics for the Pixie Dust vulnerability are alarming, considering that the countermeasures to protect against this vulnerability are simple and regularly addressed by the router manufacturers. Despite this, a significant number of routers remain vulnerable to this attack. The potential consequences of an attacker exploiting this vulnerability include unauthorized access to the network, theft of sensitive information, and the installation of malicious software. Wi-Fi routers and access points are critical components of modern network infrastructure, but they remain one of the most vulnerable entry points for malicious attacks. The Pixie Dust vulnerability is just one example of the well-known vulnerabilities associated with these devices, and it is imperative that router manufacturers, network administrators and users take proactive steps to mitigate these vulnerabilities. This includes regular firmware updates and the implementation of security best practices. Failure to do so could result in serious security breaches and compromise the privacy and security of the network and its users.
Follow these simple steps to limit the possibilities for hackers to attack your routers.
1. Update your router firmware to the latest version from the manufacturer's site.
2. Turn off the WPS (Wi-Fi Protected Setup) function on your router if you have no particular reason to need it.
Those two simple steps will help you limit the number of possible threats, as through a hack of the Wi-Fi router an attacker could easily reach your entire internal network. strykedef.com #wifi #cybersecurity #pentest
-
Surveillance System Integrator | Lead Technician | IoT security | Local Agency Security Officer (LASO)
CISA cautions against using hacked Ivanti VPN gateways even after factory resets The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets. Furthermore, they can also evade detection by Ivanti's internal and external Integrity Checker Tool (ICT) on Ivanti Connect Secure and Policy Secure gateways compromised using CVE-2023-46805, CVE-2024-21887, CVE-2024-22024, and CVE-2024-21893 exploits. The four vulnerabilities' severity ratings range from high to critical, and they can be exploited for authentication bypass, command injection, server-side-request forgery, and arbitrary command execution. https://lnkd.in/gddPz7gr
CISA cautions against using hacked Ivanti VPN gateways even after factory resets
bleepingcomputer.com
-
Botnets continue to exploit a bug in TP-Link's Archer AX21 internet routers that the company issued a patch for in March, according to Fortinet. Security researchers observed attacks on unpatched routers that involved botnet malware including Mirai, Moobot, Gafgyt and Condi. Full Story: https://lnkd.in/gmTqGfg3
Botnets continue exploiting year-old flaw in unpatched TP-Link routers
therecord.media
-
Carrier Grade Networking Professional | BSc.(Hons) | HCIP-Carrier IP | C&G FTC in (Telecommunication) | NSEx2 | OCIA
If it's really an accountable fact, 5G SA with CUPS will be a huge nationwide risk when it comes to future 5G application types such as mMTC and uRLLC, since availability is the top #1 KPI in future networks...
⚠️ 5G and GTP Vulnerabilities 5G has a kind of wormhole: GTP vulnerabilities. This protocol, the backbone of 4G and 5G interconnectivity, is riddled with hidden pitfalls. 🚫 The threat is real and it's present. Our stats show that over 90% of tested networks with exposed GTP contain at least one security vulnerability. With GTP-based attacks ranging from fraud and DoS attacks to user impersonation, the risks are both diverse and dangerous. 💥 The impact? Imagine a network transformed into a tool for illicit activities. Sensitive data exposed. Services disrupted. GTP is an inevitable part of mobile networks, but protocol deficiencies combined with a lack of security controls covering this part of the network increase the potential negative impact. 🔗 Why is this so relevant to 5G? The GTP protocol, designed for legacy networks, continues to be used in 4G and 5G networks. Despite some upgrades and changes, these vulnerabilities are carried forward, posing a significant threat to the security and reliability of 5G networks. There were multiple studies on this; a link to a recent and interesting one is in the comments ↓. 🛡️ The road to cybersecurity in 5G may be complex, but the first step is understanding the threats we face, what makes them possible, and the likelihood of an incident. The context will be different in public or private networks, so it's important to verify this and decide on efficient protection measures. 📌 In upcoming posts, I'll explain how to protect against these threats and ensure your infrastructure's resilience. But even before that, my colleague Mahmoud EL-Sebai will touch on this type of exposure during a webinar on July 27th. You can find the registration link in the comments below. 👇 #Cybersecurity #GTPvulnerabilities #5G #SecurityGen
-
🚨🔐 [#Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) #vulnerability (CVE-2024-21591) in Junos OS on SRX #firewalls and EX switches.] A critical security vulnerability (CVE-2024-21591) has been identified, potentially exposing systems to severe risks. Organizations are urged to take immediate action to patch and secure their systems against potential exploitation. https://lnkd.in/ePA-e5Ms #CyberSecurity #Vulnerability #CVE202421591 #InfoSec 🌐🔒
Juniper fixes critical RCE in its SRX firewalls and EX switches (CVE-2024-21591) - Help Net Security
https://www.helpnetsecurity.com
No B.S. brand plays, content & SEO. Subscribe to Brandkenstein. Publicly taking a DTC ecom store from 0-$100,000👇 (Hassan Ud-deen)
6mo
Great work on this deep dive David Glance and Ayush Sahay, bringing new levels to HTB🤘