Sign up to save your podcasts
Or
Share The Shared Security Podcast Episode 69 – Amazon Key, KRACK and DUHK Attacks, New Devices to Steal a Car
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Shared Security Podcast Episode 69 – Amazon Key, KRACK and DUHK Attacks, New Devices to Steal a Car
This is the 69th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright recorded October 25, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast:
Amazon Key opens your home for indoor deliveries
A new Amazon Prime service now allows your package couriers access to your home to drop off deliveries. The system uses a Amazon smart lock and connected camera. Innovation or invasion of privacy/security nightmare? Tom and Scott debate the pros and cons!
Severe WiFi security flaw puts millions of devices at risk (KRACK)
A new attack (called KRACK – Key Reinstallation Attack) on the current standard for WiFi security (WPA2) allows an attacker to decrypt Internet traffic from devices being used on a WiFi network with WPA2 encryption enabled. While patches for most modern devices and operating systems will be released (i.e. Apple iOS, Windows 10, etc), many devices such as older Android phones and IoT devices may never get patched. Tom also mentioned a tool which can be used to “downgrade” secure HTTPS connections with this attack called SSL Strip.
DUHK (Don’t Use Hard-coded Keys) Vulnerability
Another recent attack (with a funny name) was announced on a specific type of cryptography implementation being used by certain VPN’s. Specifically, VPNs which use specific versions of FortiOS are vulnerable. If you or your business uses one of these VPNs make sure you patch ASAP.
Just a Pair of These $11 Radio Gadgets Can Steal a Car
Stealing cars just got easier with a recently updated attack on certain keyless entry systems that cars use. Researchers have now demonstrated how easy it is to steal a car with just a pair of $11 radio gadgets. Best way to prevent this (until car manufactures can patch/address the vulnerability) is to keep your car key in a “Faraday bag” or metal protective sleeve like they have available for wallets to protect RFID enabled credit cards.
Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening!
The post The Shared Security Podcast Episode 69 – Amazon Key, KRACK and DUHK Attacks, New Devices to Steal a Car appeared first on Shared Security Podcast.
View all episodes
By Tom Eston, Scott Wright, Kevin Tackett
4.5
2828 ratings
This is the 69th episode of the Shared Security Podcast sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright recorded October 25, 2017. Below are the show notes, commentary, links to articles and news mentioned in the podcast:
Amazon Key opens your home for indoor deliveries
A new Amazon Prime service now allows your package couriers access to your home to drop off deliveries. The system uses a Amazon smart lock and connected camera. Innovation or invasion of privacy/security nightmare? Tom and Scott debate the pros and cons!
Severe WiFi security flaw puts millions of devices at risk (KRACK)
A new attack (called KRACK – Key Reinstallation Attack) on the current standard for WiFi security (WPA2) allows an attacker to decrypt Internet traffic from devices being used on a WiFi network with WPA2 encryption enabled. While patches for most modern devices and operating systems will be released (i.e. Apple iOS, Windows 10, etc), many devices such as older Android phones and IoT devices may never get patched. Tom also mentioned a tool which can be used to “downgrade” secure HTTPS connections with this attack called SSL Strip.
DUHK (Don’t Use Hard-coded Keys) Vulnerability
Another recent attack (with a funny name) was announced on a specific type of cryptography implementation being used by certain VPN’s. Specifically, VPNs which use specific versions of FortiOS are vulnerable. If you or your business uses one of these VPNs make sure you patch ASAP.
Just a Pair of These $11 Radio Gadgets Can Steal a Car
Stealing cars just got easier with a recently updated attack on certain keyless entry systems that cars use. Researchers have now demonstrated how easy it is to steal a car with just a pair of $11 radio gadgets. Best way to prevent this (until car manufactures can patch/address the vulnerability) is to keep your car key in a “Faraday bag” or metal protective sleeve like they have available for wallets to protect RFID enabled credit cards.
Please send any show feedback, suggestions for future guests and topics to feedback [aT] sharedsecurity.net or comment below. You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode. Be sure to visit our website, follow us on Twitter and like us on Facebook. Thanks for listening!
The post The Shared Security Podcast Episode 69 – Amazon Key, KRACK and DUHK Attacks, New Devices to Steal a Car appeared first on Shared Security Podcast.
More shows like Shared Security Podcast
View all
Hacked
187 Listeners
Security Now (Audio)
2,005 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Risky Business
372 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
CyberWire Daily
1,019 Listeners
Smashing Security
319 Listeners
Click Here
417 Listeners
Darknet Diaries
8,063 Listeners
Cybersecurity Today
178 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
Cybersecurity Headlines
139 Listeners
The 404 Media Podcast
389 Listeners