Wi-Fi Security Resources on ZDNet

ZDNet Resources

10 Wi-Fi Security tips for road warriors: Road warriors have to be creative. Besides their normal work, they are asked to maintain an almost continuous electronic presence while away from their office or home -- and that can mean dealing with unknown and possibly hostile Wi-Fi networks. Michael Kassner offers some simple tips to help mobile workers...; Tags: Road, Worker, Wi-Fi Security, Michael Kassner, Wireless LANs, Wireless Security, Wi-Fi, Wireless, Security; Download resources 2008-04-09
A free and easy way to test your Wi-Fi Security: A free and easy way to test your Wi-Fi securityDon't Bother...It found 3 critical errors and gave me a 52%:1. No AntiVirus Software. WRONG - I have NOD32 installed and running.2. Windows Update not set to automatic. WRONG - Windows update is indeed set to automatically...; Tags: Wireless security, Wireless LANs, Wi-Fi security, Wi-Fi, Microsoft Windows Update, security, Microsoft Windows; Discussion threads 2008-03-13
A free and easy way to test your Wi-Fi Security: If you're wondering just how secure your home network is, here's an easy way to find out. Pure Networks, makers of the popular Network Magic management tool for home networks, has a free diagnostic scan that will deliver a scorecard on your network's security status. ...; Tags: Router, Network, Network Magic, Wi-Fi, Wi-Fi Security, Networking, Routers & Switches, Rik Fairlie; Blog posts 2008-03-13
OpenBSD team mocked at first ever 'Pwnie' awards: LAS VEGAS -- The OpenBSD team has won an award for the most spectacular "mishandling" of a critical security vulnerability.Here's why:The OpenBSD team refused to acknowledge the bug as a security vulnerability and issued a "reliability fix" for it. A week later Core Security had developed proof of concept code...; Tags: Zero-day attacks, Wireless, Windows Vista, Wi-Fi security, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Mozilla, Microsoft, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple; Blog posts 2007-08-02
Remembering five years of vulnerability markets: Guest Editorial by David EndlerWhile compiling some stats this week for our Zero Day Initiative two year anniversary, I came across this recent news article by the Associated Press, Researchers Seek Cash for Software Flaws. It's the latest in a long line of media coverage on the launch of...; Tags: Botnets, Black Hat, Apple, Zero-day attacks, Wireless, Windows Vista, Wi-Fi security, Vulnerability research, Viruses and Worms, Symantec, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers; Blog posts 2007-08-01

Some great security apps are still free: Last week, I wrote dismissively about Symantec adding a $29.99 a year price tag on its new Norton AntiBot technology, calling it a bit of a con job to sell all these different security tools to protect users against malware.Well, it turns out that there are some great FREE security...; Tags: Data theft, Browsers, Botnets, Apple, Digital rights management, Exploit code, Firefox, Hackers, McAfee, Metasploit, Mozilla, Open source, Passwords, Patch Watch, Pen testing, Privacy, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Wi-Fi security, Zero-day attacks; Blog posts 2007-07-25
Code execution exploit dings iPhone: Apple's iPhone has failed the security smell test.Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be used to take full control of an iPhone surfing to a rigged Web site.Dr Charlie Miller, a...; Tags: Wi-Fi security, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Passwords, Mozilla, Microsoft, Metasploit, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple; Blog posts 2007-07-23
Firefox raises barrier to cross-site scripting attacks: Mozilla has quietly fitted a new security feature into the latest Firefox update, adding the ability for the browser to prevent cross-site scripting attacks.The change, which was not officially announced, implements httpOnly cookies in Firefox 2.0.0.5, the most recent refresh of the open-source browser.Web application security experts are welcoming the...; Tags: Zero-day attacks, Windows Vista, Wi-Fi security, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Hackers, Google, Firefox, Exploit code, Digital rights management, Data theft, Browsers, Botnets, Apple; Blog posts 2007-07-19
Mac worm rumors swirl; Dai Zovi ships unofficial Mac OS X patch: Amidst unconfirmed rumors that anonymous hackers have created a worm that exploits an unpatched code execution flaw in Mac OS X (Intel), a team of researchers have come up with a way to completely disable a buggy portion of the Mac code base.Led by Mac security guru Dino Dai Zovi...; Tags: Zero-day attacks, Wi-Fi security, Vulnerability research, Spyware and Adware, Spam and Phishing, Rootkits, Punditocracy, Pen testing, Patch Watch, Passwords, Open source, Microsoft, Metasploit, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple; Blog posts 2007-07-18
Blocking (Internet Explorer) drive-by malware downloads: Last week, I wrote about Haute Secure, a new browser toolbar promising to to block drive-by exploits from compromising Windows computers.The company, founded by four former Microsoft employees, has fitted behavior-based profiling algorithms into an Internet Explorer toolbar to identify and intercept malicious files in real-time.Currently available as a free...; Tags: Zero-day attacks, Windows Vista, Wi-Fi security, Vulnerability research, Viruses and Worms, Spam and Phishing, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Passwords, Oracle, Microsoft, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets; Blog posts 2007-07-17
Stepto leaves MS security, goes gaming: Stephen (Stepto) Toulouse is leaving Microsoft's security unit.Toulouse (left) , who served as the public face of Redmond's security response during some of the biggest hacker attacks, is exiting Redmond's Building 27 to join the Windows Live Services Group.A passionate gamer, Toulouse says he will join the Xbox LIVE team...; Tags: Wi-Fi security, Vulnerability research, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Open source, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple; Blog posts 2007-07-17
Patch Watch: Critical updates from Adobe, Cisco, Symantec, McAfee: Patch Tuesday is no longer an exclusive Microsoft event. Slowly but surely, it's beginning to look like more and more big-name software vendors are piggybacking on Microsoft's scheduled patch day to roll out critical software fixes.This week, in addition to Microsoft's six bulletins, computer users should also pay attention to...; Tags: Open source, Microsoft, McAfee, Hackers, Exploit code, Data theft, Cisco, Browsers, Botnets, Apple, Passwords, Patch Watch, Pen testing, Responsible disclosure, Rootkits, Viruses and Worms, Vulnerability research, Wi-Fi security, Zero-day attacks; Blog posts 2007-07-11
As goes Ohio, so goes the country: * Ryan Naraine is on vacation.Guest Editorial by Paul F. RobertsWhat do 225,000 Ohio taxpayers, 64,000 state employees and 600 lucky holders of winning lottery tickets have in common? They were all unlucky enough to have some of their personal information -- names, social security numbers, and bank account numbers...; Tags: Zero-day attacks, Wi-Fi security, Vulnerability research, Viruses and Worms, Responsible disclosure, Privacy, Pen testing, Patch Watch, Passwords, Open source, Microsoft, McAfee, Hackers, Google, Firefox, Data theft, Browsers, Botnets; Blog posts 2007-07-04
Patch Tuesday: Critical IE, Vista patches on deck: Next Tuesday, Microsoft plans to ship six bulletins with patches for a wide swathe of vulnerabilities in Windows, Internet Explorer, Outlook Express, Windows Mail, Office and Visio.Four of the six bulletins will be rated "critical," Microsoft's highest severity rating. One will be rated "important" and one will carry a...; Tags: Zero-day attacks, Windows Vista, Wi-Fi security, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Microsoft, Metasploit, Hackers, Exploit code, Data theft, Browsers, Botnets; Blog posts 2007-06-07
iDefense puts $16,000 bounty on critical infrastructure app flaws: Verisign's iDefense is putting up a $16,000 prize for any hacker who can find a remotely exploitable zero-day flaw in six critical Internet infrastructure applications.The flaw bounty is the largest ever offered by the company's VCP (Vulnerability Contributor Program), which buys the rights to vulnerability information from hackers and handles...; Tags: Botnets, Browsers, Data theft, Digital rights management, Exploit code, Hackers, McAfee, Metasploit, Microsoft, Open source, Passwords, Patch Watch, Pen testing, Responsible disclosure, Vulnerability research, Wi-Fi security, Zero-day attacks; Blog posts 2007-05-18
Do you know what's leaking out of your browser?: Information seeping out of your Web browser could provide a gold mine for hackers doing reconnaissance for targeted attacks.At the ToorCon Seattle (beta) conference, Web application security specialist Robert Hansen (RSnake) demoed Mr-T (Master Recon-Tool), a new utility that combines information disclosure flaws in Internet Explorer and Firefox to collect...; Tags: Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Google, Hackers, Metasploit, Microsoft, Open source, Passwords, Patch Watch, Pen testing, Privacy, Responsible disclosure, Spam and Phishing, Spyware and Adware, Vulnerability research, Wi-Fi security, Zero-day attacks; Blog posts 2007-05-14
News to know: Microsoft vs. open source; Wi-Fi Security; AMD; Halo 3: Notable headlines:Mary Jo Foley: Microsoft: Free and open source software violates 235 Microsoft patents. Report: Microsoft says open source violates 235 patents. Fortune: Microsoft takes on the free world.AMD goes quad-core with Phenom.George Ou: Why VPN cant replace Wi-Fi security.Ryan Naraine: Hacker demos how to defeat Citibank’s virtual keyboard.David...; Tags: General, News to know; Blog posts 2007-05-14
Why VPN can't replace Wi-Fi Security: VPN security shouldn't be a substitute for good Wi-Fi security, but some VPN supporters continue to argue for a VPN-only alternative. George Ou looks at the details of VPN and Wi-Fi security and explains the role each architecture is designed to play. This information is also available online in...; Tags: Wi-Fi, Wi-Fi Security, Wireless Security, VPNs, Network Security, Wireless LANs, Telecommunications, Networking, Security, Wireless; Download resources 2007-05-14
Why VPN can't replace Wi-Fi Security: Why VPN can't replace Wi-Fi securityYou mean people who say VPN is the only way to go?You mean people who say VPN is the only way to go? Ah they're extremely common. In fact they're probably the ones that voted this blog down.I was about to mention EAP-TLS,...; Tags: VPNs, Wireless LANs, Wireless security, Network security, password, VPN, Wi-Fi, security, VPN IS, Wi-Fi security; Discussion threads 2007-05-12
Why VPN can't replace Wi-Fi Security: Every time the subject of wireless LAN security comes up, people ask me about VPN as a solution for securing Wi-Fi (Wi-Fi is the common marketing name for 802.11 wireless LANs). Ive always told people that VPN security shouldnt be a substitute for good Wi-Fi security and I even...; Tags: Wireless LANs, Wireless security, VPNs, Network security, WIRELESS, Wi-Fi, VPN, Wi-Fi security, WPA, WEP; Blog posts 2007-05-12