Newsletter Archives

Wi-Fi vulnerabilities affect all

Posted on May 24th, 2021 at 01:00 Susan Bradley Comment on the AskWoody Lounge

ON SECURITY

By Susan Bradley

FragAttacks is a newly discovered set of vulnerabilities that, when exploited, allows an adversary to steal data by intercepting a network.

For once, a threat may be less dangerous than advertised.

Read the full story in the AskWoody Plus Newsletter 18.19.0 (2021-05-24).

AskWoody Plus Newsletter, On Security AskWoody Plus Newsletter, Patch Lady Posts, security, Wi-Fi
Is Wi-Fi security irretrievably broken?

Posted on October 15th, 2017 at 19:45 woody Comment on the AskWoody Lounge

There’s a lot of buzz this weekend about a flaw that’s purported to break security on most Wi-Fi connections, allowing an eavesdropper to snoop or use the connection without permission.

Said to involve CVE-2017-13077, 13078, 13079, 13080, 13081, 13082, 13084, 13086, 13087, 13088, when they’re posted.

See this thread from @campuscodi and be watching Bleepingcomputer tomorrow for details.

Security CVE, Vulnerability, Wi-Fi, WPA2, WPS
ELSA: How the CIA tracked the location of an infected PC using WiFi signals

Posted on June 28th, 2017 at 08:28 woody Comment on the AskWoody Lounge

The latest WikiLeaks release talks about ELSA, reportedly a CIA project that allowed the government (and now, apparently, everybody) to snoop on the location of an infected PC.

ELSA is a geo-location malware for WiFi-enabled devices like laptops running the Micorosoft Windows operating system. Once persistently installed on a target machine using separate CIA exploits, the malware scans visible WiFi access points and records the ESS identifier, MAC address and signal strength at regular intervals. To perform the data collection the target machine does not have to be online or connected to an access point; it only needs to be running with an enabled WiFi device. If it is connected to the internet, the malware automatically tries to use public geo-location databases from Google or Microsoft to resolve the position of the device and stores the longitude and latitude data along with the timestamp.

Clever.

Windows Patches/Security CIA, ELSA, Wi-Fi

Welcome to our unique respite from the madness.

It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Plus Membership

Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.

AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.