Skip to main content

Warshipping: attack a target network by shipping a cellular-enabled wifi cracker to a company's mail-room via Boing Boing

The arms race between computer user and hackers continues on. The hackers are getting quite crafty and making great use of cheap (in this case, disposable) yet, powerful computers. — Douglas
 

IBM's ridiculously named X-Force Red have documented a new attack vector they've dubbed "Warshipping": they mailed a sub-$100 custom, wifi-enabled low-power PC with a cellular radio to their target's offices.

The device scans for visible wifi networks; once it senses a network associated with its target (indicating that it has arrived on the target company's premises), it alerts its controllers over the cellular radio, and then scans the local wifi for instance in which users' devices are initiating new connections to the network. It captures the handshake data from these connections, transmits them over the cellular network to its controllers, and they can then crack the password offline, send login credentials to the warshipping device, login to the target network, and attack the network from within.

Read Warshipping: attack a target network by shipping a cellular-enabled wifi cracker to a company's mail-room via Boing Boing


* A portion of each sale from Amazon.com directly supports our blogs
** Many of these books may be available from your local library. Check it out!


An interesting link found among my daily reading

Comments

Popular posts from this blog

Elsewhere Online: AT&T's Spam Filter Gets A Bit Too Aggressive

This story from TechDirt lays out yet another reason I recommend that folks DON'T use the email provided to them by their ISP. My typical recommendation right now is to get a Gmail account instead. It also points out why I want to manage all my SPAM on my end, without pre-filtering from an ISP. I will gladly manage my spam if it helps to insure that I see as many of my "real" messages as possible. Again, Gmail's tools work pretty good in this regard. Having an alternative email account also insures you will keep the same email, even if you decide to leave your current ISP. Witness all the folks holding onto AOL accounts just to keep their AOL email address. Thank goodness at least that is free now. AT&T's Spam Filter Gets A Bit Too Aggressive You can certainly understand why ISPs offer spam filters. It's a service for users who don't want to be totally bombarded with spam. But what I've never understood is that these ISPs rarely give the us

On my iPhone…IFTTT (If This Then That) for iOS

IFTTT (If This Then That) for iOS IFTTT (If This Then That) for iOS My best description of IFTTT, both their main web site, and this new iOS app is "a scripting language for the We." It allows you to set up "recipes" that watch one particular service, like Feedly, Evernote, Gmail and more, and then take action on another service whenever a particular action occurs. I use this to automatically save my shared items from Feedly and elsewhere into an Evernote Notebook and also use it to post automatically post information on a variety of services. The iOS app adds to this functionality by allowing you to take various actions on your phone and triggering IFTTT actions whenever they occur. In the case of the iPhone, initiating actions can include adding new contacts to your iPhone, taking a new picture and more.  For more complete information on how IFFTT works, visit ifttt.com    From the iTunes App Store... " Put the internet to work for you. IFTTT lets y

Audio: Social Networks - LIVE from the Library Internet Seminar - November 8, 2007

This night we talked about social networks, the Writer's Guild Strike, traditional media and the future of new media. Listen to this seminar Links discussed in this seminar: MySpace - Add me as a friend in MySpace Facebook - Add me as a friend on Facebook LinkedIn - Connect to me on LinkedIn YouTube - Watch my videos on YouTube Ning.com Jott.com Garden Fork TV The Minimalist with Mark Bittman quarterlife Blogger.com Wordpress.com Mixergy.com The Wish Book Holiday Podcast Project