Avoiding Honeypot APs: Who do you trust?

Lisa Phifer

While rigorously validating server certificates is key to avoiding Honeypot APs and other man-in-the-middle attacks that may follow, this advice begs the question: How do you know which servers to trust?

Can WPA2-Enterprise stop Honeypot AP attacks?

Lisa Phifer

Numerous demonstrations have proven that users easily fall prey to open Honeypot (aka Evil Twin) APs. For example, an experiment conducted recently in London tricked 250 unsuspecting Wi-Fi clients into connecting to a fake public hotspot AP in just 30 minutes, with 33 of those victims actively using the honeypot to carry out web searches and send email, often exposing POP3 passwords (see

What WLAN admins can learn from Starbucks

Lisa Phifer

Earlier this week, reports surfaced about payment fraud attacks experienced by users of the Starbucks mobile app. It does not appear that reported attacks were caused by a Starbucks payment systems breach or mobile app code flaw. In fact, in a May 13th news post, Starbucks flatly stated “News reports that the Starbucks mobile app has been hacked are false.” ( ... t-security)

Don’t fall into the “No iOS Zone”

Lisa Phifer

In this week’s RSA 2015 session entitled “Mobile Vulnerabilities: From Data Breach to Complete Shutdown,” the co-founders of Skycure took aim at iOS and its increasing number of network security vulnerabilities – notably, an iOS SSL certificate parsing bug capable of crashing almost any app, demonstrated here:

Are you vulnerable to the FREAK attack?

Lisa Phifer

Last month, researchers in France discovered yet another gaping hole in SSL, dubbed the FREAK attack. FREAK is a downgrade vulnerability that can be exploited by a man-in-the-middle attacker to neutralize the security otherwise afforded by SSL and its younger better-looking sibling TLS.

RE: Looking in all the right places for wireless intruders

Lisa Phifer

For those interested in learning more about License-Assisted Access (LAA) and its potential impact on wireless LANs, here’s an excerpt from the Wi-Fi Alliance statement on LAA:

Looking in all the right places for wireless intruders

Lisa Phifer

Channel scanning is the cornerstone of Wi-Fi intrusion prevention. RF visibility is absolutely critical for everything from basic rogue detection to effective threat containment. If your organization is not comprehensively scanning all the right frequencies, you could be overlooking intruders hiding in plain sight. Like a home security system that monitors locked doors but not wide-open windows, a “secure” WLAN that scans for rogues on just a few popular channels is vulnerable to attack.

“Good Enough” Isn’t Good Enough Anymore: AirMagnet Enterprise v10.9 and the Need for Comprehensive Wireless Security Solutions

Robin Rees

2014 was a busy year for wireless security, and not in a good way. The total number of cyber security incidents increased by 48% between 2013 and 2014 for a total of 42.8 million, according to PwC’s Global State of Security Survey. Back in 2010, the number was only 9.4 million. These attacks cost the global economy up to $575 billion annually as estimated by the Center for Strategic and International Studies research.

WLPC Attendees: AirMagnet Trials are Being Extended!

Dilip Advani

Those of you who recently attended the wirelessLAN Professionals conference know you received a free trial of AirMagnet Survey Pro and AirMagent WiFi Analyzer Pro included in your attendee bags. We usually keep our trials to a 30 days or less, but what we heard from you is that simply wasn’t enough time for you to really dive into the software. That matters to us. And we listened.


Christopher Hinsz

When you read the words ‘heat map’ what is immediately conjured to mind? For most people it’s a colorful map showing AP signal strengths throughout a deployment. There is no doubt signal strength is a valuable tool for validating a network will function as intended. However there is another very important metric that is often ignored when performing a site survey: Interference.

Would you recognize a Pineapple Evil Twin?

Lisa Phifer

Over the years, it's grown much easier to launch Evil Twin attacks.

Will 2015 be the year of the drones?

Lisa Phifer
After a year of increasingly frequent and potentially dangerous encounters between drones and airplanes, fire fighters, and even the White House, the FAA yesterday finally proposed a new set of rules governing non-recreational use of small unmanned aircraft systems (UAS).
According the FAA’s Proposed Part 107, drones must weigh less than 55 pounds, flown in the daylight, controlled by visual line of sight, and remain close enough at all times to be seen by the operator.

Improving Site Surveys

Christopher Hinsz

Two people head out to the same site to perform a site survey, they’re both using the same software, and yet they get significantly different results. We’d all like to think that data from a site survey is by definition reliable, but it’s not. So what happened? Choice of adapter, choice of survey (active vs. passive), even the paths the individuals walked can have large impact on the results. If you’re not following accepted best practices and collecting the right information during a survey, your results will be unreliable.

The Wi-Fi (R)evolution continues with Wi-Fi Direct

Lisa Phifer

Roughly fifteen years ago, the wireless LAN industry was focused on delivering basic interoperable wireless connectivity at just 11 Mbps. Today, Wi-Fi CERTIFIED unit sales are set to pass the ten billion unit mark, composed of products that deliver gigabit data rates along with a slew of advanced certifications that make wireless more secure, usable, and accessible.

Using WPA2 to avoid data breach headlines

Lisa Phifer

When most people hear “data breach” they think about lost laptops, server break-ins, or malware-based attacks. But according to a new survey by Spiceworks, commissioned by Certes Networks, lax network security and traffic segmentation played a crucial role in data breaches reported in 2013-2014. A few of this survey’s top findings included:

* Encryption for data in motion is highly fragmented, with 3 out of 4 companies using at least two methods – most often SSL-protected web traffic, followed by SSL-based VPNs.

Perfecting Passpoint secure roaming

Lisa Phifer

In 2012, the Wi-Fi Alliance launched as secure seamless wireless roaming certification program dubbed Passpoint. This program was designed to overcome public hotspot challenges – notably, the security threats posed by open hotspots and the configuration barriers that impede mobile device hotspot roaming. The latter is of special importance to cellular and fixed broadband network operators that are anxious to offload mobile voice and data traffic onto less expensive Wi-Fi access networks.

DarkHotel: What Hospitality WLAN Operators Should Know

Lisa Phifer

Operators responsible for securing hospitality networks have long worked to reduce fundamental guest Wi-Fi vulnerabilities and raise awareness about more sophisticated threats.  From blocking client-to-client traffic to adding Hotspot 2.0, hospitality network operators can play a big part in helping to protect guests. This week, new research published by Kaspersky demonstrates how these valiant efforts can still fall short – specifically, by failing to stop an Advanced Persistent Threat (APT) dubbed DarkHotel.

Poodle preys on open WiFi hotspot users

Lisa Phifer

Google researchers recently posted a security advisory about an SSL downgrade attack dubbed POODLE:

Five Myths about Wireless Security

Greg Rayburn

In our connected world, wireless security threats – which can lead to identity theft or the loss of proprietary information – have become all too common. As National Cyber Security Awareness Month winds down, here are five common myths about wireless security that deserve our attention and action:

WiFi Pineapple Detected: How to Combat this Sly Hacking Tool

Greg Rayburn

Picture this. You’re monitoring a wireless network at a busy trade show. People are everywhere, browsing between booths. Everything is going smoothly until your wireless intrusion prevention system alerts you to an unauthorized access point spoofing your network’s SSID.

But with a large area to cover and limited information on the threat, you’re looking for the proverbial needle in the haystack.