LATEST BLOG POSTS
FragAttacks: new Wi-Fi vulnerabilities found!
A few days ago, a Belgian security researcher, Mathy Vanhoef, has found, and named as “FragAttacks (fragmentation and aggregation attacks)”, a dozen of unknown security flows affecting Wi-Fi devices. Within radio range of a victim, a threat actor can exploit them to steal user information or attack devices. The report has found that at least three of the discovered vulnerabilities are design flaws in the Wi-Fi standard and affect most devices, as a result. Moreover, the discovery has found that are caused by widespread programming mistakes in Wi-Fi products. However, these flows are very complex to exploit giving their design and mitigation measures are already in place. Find out more on our blog! FragAttacks: vulnerabilities involved The research have discovered that all modern Wi-Fi security protocol – no exception for the latest WPA3 – may be vulnerable to hacks. Besides that, there is an even worrying news. The vulnerabilities found also affect the WEP security protocol, the original security Wi-Fi protocol. This essential means that devices using Wi-Fi connections has been exposed since 1997. However, you should not despair. The good news that the exploiting these security flows may result very hard giver their complex design. The main concern of the report is indeed fixing those programming mistakes at the base of the flow themselves in Wi-Fi products. Mitigation measures To protect users, security researchers have performed a gradual disclosure of details concerning these vulnerabilities. This operation lasted 9-month and Wi-Fi Alliance and ICASI coordinated it. As a general recommendation, you should update every device you own as soon as possible to minimize risks. If updates are unavailable, you can still mitigate some of the attack by limiting your visits to HTTPS websites. You may follow the incoming USENIX Security conference and workings of Black Hat USA this summer for more information. FragAttacks Demo Mathy Vanhoef has also released a demo to show how can an adversary exploit such vulnerabilities. It suggests that hackers may abuse them in two ways. First, they may lead to sensitive data stealing. Second, it may allow hacking of devices connected to the same network in someone’s home or workplace. This second option is the greatest risk, as homes and offices are full of non-updated IoT device whose last line of defense is Wi-Fi security itself. You can watch it on this link. Conclusion To conclude, the research work undergone by Mathy Vanhoef has taught us an important lesson. Regular analysis of security protocol is critical. Also, testing of Wi-Fi products and active search for flows is essential. Certifying them may be a useful solution to these problems. For more information, we redirect our readers to Mathy Vanhoef’s blog to dig this sensitive matter further.
Vulnerability Assessment: an overview of a crucial cybersecurity task
Vulnerability assessment is a task in delivering an effective cybersecurity strategy in both corporate and public sectors. It is vital to bring about risk awareness, and it is the very first step in analyzing an organization’s cybersecurity strategy and architecture. The best way to protect against exploitable vulnerabilities is indeed detecting them – and fix them afterward – before a threat actor notices them. In essence, a vulnerability assessment involves the automatic scanning of all items, components, and assets of an IT system, an application, or software by software. Many confuse this security operation with penetration testing. Performing a vulnerability assessment means assuring integrity, and security, and proper management of the IT assets of an organization. Read more below! Vulnerability assessment: what is it? You may look up different definitions of this process from various sources. We boil it down to the following definition: screening an IT system or a web application looking for vulnerability. By performing this test On a practical level, those charged with IT security may perform it in three different situations: First, it can be on demand, on a one-off basis. Secondly, security analysts may use an application to run it periodically. Thirdly, a vulnerability assessment usually plays as the preliminary penetration testing phase. The most advantageous choice, arguably, seems to run it regularly. By doing so, security analysts may have a complete observation of what is going on in the scanned system. This means constantly checking on the real state of security. Vulnerability assessment vs Penetration Testing: a warning Above, we have mentioned that vulnerability assessments may be the first step to perform penetration testing activity. Indeed, penetration testing and vulnerability assessment are two distinctive activities. Penetration Testing (Pen Test) refers to the activity of systematically attempting to violate a vulnerable component of a system to discover the security breaches in it through a simulated attack. Can you note the difference? In other words, the security analyst already knows the exploitable vulnerability in penetration testing. Indeed, he discovers it by performing preliminary vulnerability assessments. Therefore, penetration testing does not equal vulnerability assessment. Who does perform a security assessment? The professional figure performing a security assessment is the security analyst. He or she has many tasks and is usually in charge of managing an organization’s cybersecurity. Read more about them on our dedicated blog. Vulnerability assessments consists of automatic scanners performed by softwares. Thus, they are part of a general security assessment. Conclusion To conclude, vulnerability assessments are crucial cybersecurity tasks. It is the first step to secure IT systems, applications, and software assets. Thus, neglecting them may be detrimental: failure in detecting vulnerabilities means giving threat actors a concrete chance to break in. These exercises constitute the preliminary step to perform penetration testing moreover.
Cybersecurity analysts: what they do and why their work is vital
Cybersecurity analysts are the core of an organization’s security, private and public alike. They have a vital task: ensuring that their IT assets are secure and protect them from violations and attacks. Being a security analyst is everything but an easy job. In achieving their organization’s security, they have the duty to manage the IT security and risks of the entity they work for. This includes analyzing and identifying proper security solutions to make the work environment resilient to threats. Usually reporting to a CIO (Chief Innovation Officer), their role also involves a constant liaison and engagement with other departments and business units. Cybersecurity analyst jobs require many sophisticated skills, which employers repay with competitive salaries. Find out more below! Cybersecurity analysts: job description First and foremost, talking about the cybersecurity job market requires a brief introduction. The ongoing digitalization of society has increased security concerns to a level nobody would dream of. Indeed, increasing reliance on technology and the digital device has multiplied by exponential factor surfaces of attack exploitable by threat actors. Therefore, cybersecurity analysts are vital professionals. They figure as the workers responsible for ensuring that cyber threats do not harm the organization they work for. Or at least they attempt to do so. Particularly, their job involves the management of the security of all IT assets. However, organizations require them to draft security policies and procedures. Moreover, they are in charge of a comprehensive data security program for the organization’s system. This also entails providing development, training, execution, and monitoring. The job, finally, requires performing checks and giving authorization to requests. They may also audit functions according to compliance standards. Skills Above, we have outlined the main duties of this vital and important job. But, what skill do security analysts need to perform it? Generally, it would be best if you acknowledged that the cybersecurity industry does not require a specific curriculum. For instance, if interested in compliance, you would not need a degree in computer science. Cybersecurity analysts, however, are one of the most technical professional figures in the industry. A bachelor degree in computer science is a must, then. Hard skills needed may include reverse engineering, penetration testing, and firewall administration. Getting the right hard skills may not suffice to form a qualified cybersecurity analyst. Key soft skills include data analysis, problem-solving, and communication. Communicating properly may be key as the job requires concise and clear reporting. Conclusion To conclude, cybersecurity analysts, perform a critical job. They have the duty to secure organizations from threats. Overall, not everyone could do this job. Cybersecurity indeed scores as one of the most complex fields in the labor market. But there is good news. Companies and organizations desperately look for these skilled professionals. As supply does not meet demand in this field, salaries tend to be competitive. Also, great career perspectives may encourage working in this sector. You may read further about jobs in the cybersecurity industry in our dedicated blog.
Penetration testing: what it is and why it is important
Penetration Testing (Pen Test) refers to the activity of systematically attempting to violate a vulnerable component of a system to discover the security breaches in it through a simulated attack. The professional figure that performs such testing is a security analyst acting as a proper hacker. He or she has the task of breaking the system under assessment by following an attack strategy. This service is vital because real hackers may exploit any breaches with ease if an organization does them know them in time. Damage associated with such violations may include data theft, unauthorized access to sensitive files, service disruption, and many more. Penetration Testing should not be confused with vulnerability assessment, another security service performed for other scopes and other tools. Being a vital cybersecurity operation, Penetration Testing is everything but an easy activity. Beyond the actual simulated hacking, it consists of many phases and stages before the client receives a proper report. Learn more on our blog! Pen Test’s main characteristics As we have mentioned above, pen testing is a crucial security activity. A simulated attack assesses the overall security of the targeted assets. It consists of many phases: 1. Detection of an exploitable vulnerability 2. Planning an attack strategy against it 3. Testing the attack 4. Seizing a line in usage 5. Exploiting access to gather information Non-experts often associate Pen Tests with a vulnerability assessment. Specifically, the latter is more about a scan of an IT system looking for vulnerabilities. Thus, vulnerability assessments may be the preliminary phase of Pen Test. Pen Test, instead, goes straight to the point: it acts as a systematic attack against an IT, software, application component known to be vulnerable. Penetration Testing: tester’s profile The professional figure that usually performs Penetration Testing activity is the security analyst. Security analysts perform as responsible for a company’s cyber and digital security. They protect its IT infrastructure. Also, they detect and prevent threats through a complex process of intelligence gathering. Their main skills encompass data analysis and mining, statistical analysis, and knowledge of main pen test platforms. Programming skills, furthermore, are a must they should possess. Conclusion To conclude, Penetration Testing is vital security activity. Without it, threat actors would exploit many vulnerabilities with relative ease. It also prepares personnel on how to handle a breach. Moreover, this activity tests whether the company’s security policy works. Finally, they provide solutions that help companies design more resilient security. Telsy offers its clients breakthrough penetration testing and other cybersecurity services. Check on our website for more!