Here’s something you probably didn’t know existed. With SanDisk’s iXpand iPhone base, you’ll never have to worry about losing your memories again. Every time you charge your iPhone with the iXpand Base, it automatically backs up your photos, videos and contacts. The iXpand Base offers plenty of room to save your files in their original quality with no worry about recurring monthly fees for Internet-based storage. Designed for everyday use with a soft rubber top, a sturdy base, and a wrap-around groove to keep your Apple Lightning to USB cable tidy. Its typical list price has been discounted, for now, to $129.99. See this deal on Amazon.To read this article in full or to leave a comment, please click here https://www.cio.com/article/3233277/mobile/35-off-sandisk-256gb-ixpand-base-for-iphone-charging-and-backup-deal-alert.html#tk.rss_consumerelectronicsMicrosoft Office 2010 Warning: Invalid argument supplied for foreach() in /home1/mylifeco/public_html/pricecutterstore.com/admin/models/api/amazon.class.php on line 88
Fatal error: Call to a member function xpath() on a non-object in /home1/mylifeco/public_html/pricecutterstore.com/admin/models/api/affiliate_window.class.php on line 129
Krack Attack: Security Flaw Puts Every Wi-Fi Connection at Risk
Thanks to a newly discovered security flaw, your home Wi-Fi is completely hackable, giving cyber thieves a front row seat to everything from your private chats to your baby monitor. And there’s not much you can do about it — yet.
“When I woke up this morning and saw this one, I was taken aback,” Bob Rudis, chief data scientist at Rapid7, a security data and analytics company, told RENBC News. “We try to make sure if something is talked about in a bad way, it actually is bad.”
Called Krack, the attack takes advantage of the four-way handshake, a process between a device and a router that has been around for 14 years and is designed to deliver a fresh, encrypted session each time you get online.
During the third step in the process, hackers can resend a key in such a way that it resets the encryption key to zero. Encryption is the process that makes your data uncrackable to anyone who might intercept it.
With an unencrypted session, hackers are then free to pry on whatever you and your devices are doing on Wi-Fi.
“The one saving grace is the attackers need to be within range of Wi-Fi networks,” said Rudis. “But someone can sit outside your office or the apartment next door and do this attack from there.”
The Krack attack was discovered by researchers Mathy Vanhoef and Frank Piessens of KU Leuven in Belgium and was revealed on Monday.
It’s a common practice in the security world to notify vendors of an exploit before it is publicly released. On their website, the researchers said they notified vendors of the products they tested on July 14. After realizing they were dealing with a protocol weakness instead of a set of bugs, the duo alerted the United States Computer Emergency Readiness Team (CERT), who began contacting vendors in August.
CERT disclosed the exploit on Monday and included a list of vendors, when they were notified, and whether they are affected. As of Monday afternoon, many were listed as “unknown.”
It’s difficult to determine if any cyber criminals have used the exploit “in the wild” or are currently using it, the researchers said on their website. A demo video showed how they were able to use the attack to hack into an Android 6.0 smartphone.
Google, which develops the Android operating system, is aware of the issue and “will be patching any affected devices in the coming weeks,” a spokesperson said.
Robert Siciliano, CEO of IDTheftSecurity.com, told NBC News “it’s hard, if not impossible to say” if this attack has ever been used. However, given the amount of time the four-way handshake has been around, he believes it’s possible someone has used it.
“This vulnerability has been in existence, some say, for up to 14 years — which means that it’s entirely possible someone has already determined this flaw in the past and has exploited it,” he said.
How to Protect Yourself
Fixing such a gaping problem with Wi-Fi protocol is going to require making sure your smartphone and laptop are up to date with the latest patches.
You’ll also want to check for any firmware updates to your wireless router. If you’re using equipment provided by your internet service provider, Rudis recommends checking with the company for the latest information on updates. If you own your router, you’ll want to check to make sure you’ve downloaded any patches.
Since virtually every device in the world that uses Wi-Fi is vulnerable, he said it’s crucial to stay on top of updates.
“I think most manufacturers will have patches soon,” Rudis said. “But if you don’t see a patch for your home network equipment in at least a week, you should get a new Wi-Fi access point for your house.”
While part of the solution is in the hands of vendors, home users can protect themselves now by using a “virally important” tool called a VPN — a virtual private network.
“The minute you do that, you negate this vulnerability,” Rudis said. Hackers might still be able to capture your packets — but they won’t be able to break the security.
You can also safely browse at HTTPS sites; however, that will require every link, photo, and anything else on the page to also have a secure domain, Rudis said, calling it “virtually impossible to do.”
There seems to be a new vulnerability being exposed every day, bolstering the need for more resources to go toward fighting a cyber threat that continues to grow exponentially.
One in 131 emails sent last year contained malware, marking the highest rate in five years, according to a report from Symantec.
The growing threat is costing companies — and consumers — big bucks.
Cyber security spending is expected to top $1 trillion between 2017 and 2021, according to Cybersecurity Ventures, and that’s largely fueled by the growing number of hacking threats.
The disclosure on Monday was one of the more troubling ones in recent times for security experts, though they also stressed it’s inevitable.
“Think of anything mechanical, even think of food,” Siciliano told NBC News. “Occasionally you see a recall because an airbag is hurting people or because brakes aren’t working because the design was flawed… Nothing will ever be perfect.”
What can you do to secure your data?
The fact that almost every device in almost every Wi-Fi network is vulnerable to KRACK sounds quite scary, but — like pretty much any other type of attack — this one is not the end of the world. Here are a couple of tips on how to stay safe from KRACK attacks in case anyone decides to use them against you.
Always check to make sure there’s a green lock icon in the address bar of your browser. That lock indicates that an HTTPS (encrypted and therefore secure) connection to this particular website is being used. If someone attempts to use SSLstrip against you, the browser will be forced to use HTTP versions of websites, and the lock will disappear. If the lock is in place, your connection is still secure.
The researchers warned some network appliance manufacturers (including the Wi-Fi Alliance, which is responsible for standardizing the protocols) in advance of releasing their paper, so most of them have to be in the process of issuing firmware updates that can fix the issue with key reinstallation. So check if there are fresh firmware updates for your devices and install them as soon as possible.
This is probably the cheapest price you’re going to pay right now for these bulbs. At $49.97 for a 4-pack, you’re paying $12.49 per bulb. A very solid discount over the typical list price. Automate your lighting experience with Philips Hue and control your lights from home or away. Create light schedules from the Philips Hue App and never come home to a dark house. Install the LED lights as you would install ordinary bulbs and pair them with the Hue Bridge, which allows you to control smart-bulb-equipped lamps and overhead lights via the Philips Hue App. The box includes four Philips Hue White A19 Energy Star Certified Standard light bulbs, a manual, and a two-year warranty. See this deal now on Amazon.To read this article in full or to leave a comment, please click here https://www.cio.com/article/3232400/home-tech/get-4-philips-hue-white-a19-60w-dimmable-led-smart-bulbs-for-just-50-deal-alert.html#tk.rss_consumerelectronics