How to Protect Your Wi-Fi Router From Hacking Using Simple Tricks

How to Protect Your Wi-Fi Router From Hacking Using Simple Tricks

wifi-router-hackingShort Bytes: The humble wireless router in your home, as you might not think, could be the biggest loophole in your personal cyber security measures. Read the article to know simple ways to protect your Wi-Fi router.

These are the times when anything and everything digital is prone to hack. From ATMs to connected cars, and from satellites to the so-called secured government offices, hackers are laughing all the way. So, the blatant use of the specification “unhackable”, which today, has become the USP for the products by almost all the brands, doesn’t come as a surprise.

Many people are now aware and take good measures for their online safety, but safeguarding the Wi-Fi router still lies low at the priority list of the most. The reasons may range from lack of knowledge to mere carelessness, but your home router’s security is as important as your front door’s because it is the foremost target of hackers trying to invade through your system.

Now, as you might be knowing How to Increase Your Wi-Fi speed by choosing correct Wi-Fi Channel, here are the simple ways to strengthen your Wi-Fi router’s security from hack attacks.

1. Enable WPA2 (WI-Fi Protected Access)

Ok, this is the first and foremost thing to do for everyone who has or plans to buy a router. It provides encryption to your system and its variant WPA-PSK can be found in home networks. Those who use old routers, they might be having WEP or Wired Equivalent Privacy security, and trust us, it is no better than zero security.

2. Create a Strong SSID Network Name

Do not use the router’s default network name like D-Link or Netgear. Hackers have specific tools like rainbow table to bust into your network just by knowing your default SSID name.

3. Use a Strong Password or Passphrase Maybe

Well, no talk on security can circumvent the importance of strong passwords. Do you know if you increase your password’s length to just one more character, the chances of the hacker cracking your code with probabilistic ways are reduced by hundreds. (I’m just being modest, it is way too high).

Also read: Top 10 Best Ways to Improve Your Wi-Fi Router’s Performance

4. Firewall of Your Router

Well, if you have it, then Use it. It is the router’s inbuilt protection system to make it somewhat obscure from the hacker’s view. Also, new routers come with ‘stealth mode’ firewalls.

5. Turn Off UPnP

The Universal Plug and Play protocol (UPnP) which is meant to establish easy connection with devices in the vicinity can make your router vulnerable and make it a potential target for the hackers (results could be DoS attacks as well).

Not all the routers are susceptible to UPnP exploitation, but why take the risk.

6. Use VPN

A personalized VPN service for your router is the way to go if you are willing to shed a few bucks for your important data. VPN works by giving your location anonymity on its server and even creates its own firewall to protect your network traffic.

Also, VPN is a better alternative than the router’s remote management feature which exposes its web-based interface on the Internet.

7. Enable Logging Feature

The logging feature in your router keeps an account of the log attempts  from all IP addresses and give you all the connection attempt details. This could help you monitor any ongoing suspicious activity.

8. Use Security Services

You can also use cloud-based security services like OpenDNS to screen the traffic through your router. You simply have to configure your network to the online service’s nameserver rather than those used by your ISP.

These web-based services help you to monitor as well as encrypt the traffic through your router.

Although, you can’t make your device hack proof, but with these simple techniques you could make your router safer than it was before.

Have any queries or something to add? Tell us in comments below.

Download our Google chrome, Mozilla firefox and Opera extension to get instant updates –
fossbytes google chrome extension fossbytes firefox extension fossbytes opera extension fossbytes google chrome app

(function(w,d,s,i){w.ldAdInit=w.ldAdInit||[];w.ldAdInit.push({slot:8011048867343975,size:[0, 0],id:”ld-8768-4244″});if(!d.getElementById(i)){var j=d.createElement(s),p=d.getElementsByTagName(s)[0];j.async=true;j.src=”//cdn2.lockerdome.com/_js/ajs.js”;j.id=i;p.parentNode.insertBefore(j,p);}})(window,document,”script”,”ld-ajs”);

The post How to Protect Your Wi-Fi Router From Hacking Using Simple Tricks appeared first on fossBytes.

fossBytes
http://fossbytes.com/how-to-protect-your-wi-fi-router-from-hacking-using-simple-tricks/

Anúncios

Derbycon 2015 – Honeypots for Active Defense

Derbycon 2015 – Honeypots for Active Defense

A Practical Guide to Deploying Honeynets within the Enterprise InfoSec analysts are all somewhat familiar with honeypots. When they are given the proper attention, care and feeding, they produce invaluable information and can be a critical asset when it comes to defending the network. This intel has been primarily used by security researchers and organizations with advanced defensive capabilities to study their adversaries and learn from their actions. But what about the rest of us? Honeypots are a lot of work to configure, maintain, and monitor, right? Not exactly, when deployed and monitored properly, honeypots and honey tokens are a simple way to alert on anomalous activity inside the network. But how can an organization that is not focused on research gain valuable threat intelligence using honeypots and actively defend their network using indicators generated from? The answer is honeypots for active defense. There are currently many open source security tool distributions that come pre-loaded with honeypots among other useful tools, however the honeypot software is often not deployed in an effective manner. This session will discuss techniques to leverage honeypots in ways that will not overburden the security team with massive logs to sift through and focuses efforts on correlating active threat data observed in the honeypots with the production environment. When deploying honeypots effectively, this can give security analysts one additional mechanism to tip them off to nefarious activity within their network. Greg Foss is a Senior Security Research Engineer with the LogRhythm Labs Threat Intelligence Team, where he focuses on developing defensive strategies, tools, and methodologies to counteract advanced attack scenarios. He has nearly a decade of experience in the Information Security industry with an extensive background in Security Operations; focusing on Penetration Testing and Web Application Security. Greg currently runs the Incident Response and Red Team practices at LogRhythm and holds multiple industry certifications including the OSCP, GAWN, GPEN, GWAPT, GCIH, and C|EH, among others. For More Information Please Visit: – http://www.derbycon.com/ http://www.irongeek.com/i.php?page=videos/derbycon5/mainlist

securitytube

SecurityTube.Net
http://feedproxy.google.com/~r/SecurityTube/~3/duS0JnQyWko/14094

Apple e Microsoft mudam suas políticas de privacidade

Apple e Microsoft mudam suas políticas de privacidade

http://computerworld.com.br/sites/beta.computerworld.com.br/files/news_articles/privacidade_seguranca_cadeado.jpg
As duas empresas querem os usuários saibam que não vão ler seus emails, a fim de direcionar publicidade

RSS Tema
http://computerworld.com.br/apple-e-microsoft-mudam-suas-politicas-de-privacidade

WinRAR Exposed to Dangerous Vulnerability: Attack Just by Unzipping Files

WinRAR Exposed to Dangerous Vulnerability: Attack Just by Unzipping Files

winrar-flaw-vulnerabilityShort Bytes: The latest WinRAR SFX v5.21 update has a serious vulnerability that allows remote attackers to execute any malicious code on your system.

The latest release of the WinRAR software has been discovered with a serious flaw. As you unzip the SFX archive inside the RAR file, WinRAR a widely used software used to compress and decompress files, automatically executes a malicious code without your knowledge, as reported by Vulnerability Lab.

Due to this proof-of-concept code, the user is immensely susceptible to the attacks from outside. The attacker could exploit the HTML instruction view in the installer and write any malicious code on the computer that open the SFX file. Later, this executable can be run on the user’s system without their knowledge.

The flaw has been confirmed by MalwareBytes as well and the WinRAR SFX v5.21 users are advised to be careful with the random compressed SFX files.

WinRAR has confirmed the report saying, “Executable files are potentially dangerous by design. Run them only if they are received from a trustworthy source. WinRAR self-extracting (SFX) archives are not less or more dangerous than other .exe files.

This is a serious flaw and hackers could target thousands and more users if the bug is not fixed soon. Moreover, it is very difficult to scrutinise the executable part for its authenticity.

WinRAR, by the looks of its reply, doesn’t seem bothered by the vulnerability and advises users to place putty.exe into RAR SFX archive and add following commands to archive comment:

Setup=putty.exe Silent Overwrite Path=puttyfolder

Check WinRAR lab for more information.

Download our Google chrome, Mozilla firefox and Opera extension to get instant updates –
fossbytes google chrome extension fossbytes firefox extension fossbytes opera extension fossbytes google chrome app

(function(w,d,s,i){w.ldAdInit=w.ldAdInit||[];w.ldAdInit.push({slot:8011048867343975,size:[0, 0],id:”ld-8768-4244″});if(!d.getElementById(i)){var j=d.createElement(s),p=d.getElementsByTagName(s)[0];j.async=true;j.src=”//cdn2.lockerdome.com/_js/ajs.js”;j.id=i;p.parentNode.insertBefore(j,p);}})(window,document,”script”,”ld-ajs”);

The post WinRAR Exposed to Dangerous Vulnerability: Attack Just by Unzipping Files appeared first on fossBytes.

fossBytes
http://fossbytes.com/winrar-exposed-to-dangerous-vulnerability-attack-just-by-unzipping-files/

Cursos presenciais da Academia Clavis, venha fazer parte!

Cursos presenciais da Academia Clavis, venha fazer parte!

treinamentospresenciais

Você já conhece os cursos presenciais da Academia Clavis? Se não conhece fique por dentro e venha fazer parte das novas turmas e invista no seu desenvolvimento profissional!

Atualmente a Academia Clavis conta com quatro cursos distintos:

  • CISSP – Certified Information Systems Security Professional: A CISSP foi a primeira credencial na área da informação a atender aos rigorosos requisitos da Norma ISO/IEC 17024. CISSP não é apenas uma medida de excelência, mas também um padrão de conquista com reconhecimento mundial. A Clavis Segurança da Informação, em parceria com a renomada certificadora internacional (ISC)2®, proporciona o treinamento necessário para que o aluno tenha chances reais de aprovação nesta certificação. Com instrutores certificados e indicados pela própria (ISC)2®, o curso visa orientar os alunos da melhor maneira para que estes conquistem esta importante certificação internacional.
  • CISM – Certified Information Security Manager: A certificação CISM (Certified Information Security Manager) é a única certificação com foco no gerenciamento em segurança da informação e já foi conquistada por mais de 10.000 profissionais ao redor do mundo desde 2003. CISM é para profissionais que desenham, dirigem e avaliam os programas de segurança de informação das corporações.
  • Curso Oficial CompTIA Security+: A Certificação CompTIA Security+ designa profissionais experientes na área de segurança, uma das áreas de mais rápido crescimento em TI. A CompTIA Security+ é uma certificação internacional que demonstra competência em: Segurança de Redes; Conformidade e Segurança Operacional; Ameaças e Vulnerabilidades; Segurança de Aplicações, Dados e Estações; Controle de Acesso e Gerência de Identidade; e Criptografia. Ela garante que os candidatos não estarão somente aptos a aplicar os conhecimentos de conceitos, ferramentas e procedimentos de segurança para reagir a incidentes de segurança, mas também que poderão se antecipar aos riscos de segurança, protegendo-se deles através de medidas proativas.
  • ECSA/LPT EC-Council Certified Security Analyst: A certificação EC-Council Certified Security Analyst (ECSA) complementa a certificação Certified Ethical Hacker (CEH) explorando a fase analítica do hacking ético. Enquanto CEH apresenta ao aluno tecnologias e ferramentas, ECSA vai um passo adiante, ao explorar como analisar os resultados destas. O profissional sendo certificado CEH e ECSA, estará apto a se certificar na certificação máxima da EC-Council na área de Auditoria Teste de Invasão, a Licensed Penetration Tester – LPT.

Para informações adicionais sobre os cursos presenciais da Academia Clavis acesse http://www.clavis.com.br/curso/index.php .

Próximos Cursos Presenciais – Academia Clavis

Curso

Data

CISM – Certified Information Security Manager
Rio de Janeiro – RJ

09, 10, 11, 12, 13 de novembro de 2015

CISSP – Certified Information Systems Security Professional
Rio de Janeiro – RJ

09, 10, 11, 12, 13 de novembro de 2015

CompTIA Security+
Rio de Janeiro – RJ

07, 08, 09, 10 e 11 de dezembro de 2015

ECSA/LPT EC-Council Certified Security Analyst
Rio de Janeiro – RJ

14, 15, 16, 17 e 18 de dezembro de 2015

Blog SegInfo – Segurança da Informação – Tecnologia – Notícias, Artigos e Novidades
http://feedproxy.google.com/~r/seginfo/~3/Zx6JdEfXdes/

Plans for a massive ‘floating city’ begin to take shape

Plans for a massive ‘floating city’ begin to take shape

Floating City
French architect Jacques Rougerie come up with a deign for a massive and futuristic floating city capable of housing some 7000 scientists — or perhaps as the case may be, villains.

ExtremeTech » News & Updates For Hardcore Tech Fans | ExtremeTech
http://www.extremetech.com/extreme/215104-plans-for-a-massive-floating-city-begin-to-take-shape

Derbycon 2015 – Manufactorum Terminatus – The attack and defense of industrial manufacturers

Derbycon 2015 – Manufactorum Terminatus – The attack and defense of industrial manufacturers

In the evolving threat land scape where the lines between informational and physical warfare have begun to blur, industrial manufacturers are beginning to find themselves in the cross hairs as targets of opportunity and great reward. With a large amount of industrial equipment now part of the “internet of things” its time to examine the practical concepts of attacking, assessing, and defending these entities. This talk will discuss the methods of attack, common vulnerabilities, and areas of opportunity for security improvement within industrial manufacturer technical security environment. Noah Beddome – Noah is a former Marine and current hyper competitive jerk who enjoys compromising physical security, lengthy phone discussion that result in leaks of information and cuddling. For More Information Please Visit: – http://www.derbycon.com/ http://www.irongeek.com/i.php?page=videos/derbycon5/mainlist

securitytube

SecurityTube.Net
http://feedproxy.google.com/~r/SecurityTube/~3/DHOUR_XnWy4/14095