U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

The Dangers of Using Unsecured Wi-Fi Networks

Isn’t public Wi-Fi great? If you’re having a tea or coffee in a cafe or restaurant you can check your emails and social media. If you’re waiting for a flight what better way to pass the time than logging onto your favourite website, checking your bank account or even doing a bit of online shopping? […]

Evil Twin Wi-Fi attack

Isn’t public Wi-Fi great? If you’re having a tea or coffee in a cafe or restaurant you can check your emails and social media.

If you’re waiting for a flight what better way to pass the time than logging onto your favourite website, checking your bank account or even doing a bit of online shopping? And you don’t have to pay a penny or cent. It’s free and you’re not eating into your data allowance. 

Except there’s a problem. Public Wi-Fi is notoriously insecure. Data that travels over a public hotspot network is rarely encrypted. This means that every time you use public Wi-Fi, anybody who is looking can see everything you are doing. They can see the passwords you use, your email address, your name and physical address, phone numbers and any other type of personal information that you might happen to enter into a website. They can certainly see the websites you are visiting. 

This information is gold dust to cyber criminals. It enables them to access and rake through your emails, target you with specific phishing mails, call you with targeted messages and even capture and exploit your payment card details if you happened to buy something online when using public Wi-Fi.

Hackers capture this unencrypted network traffic by interfering with the public Wi-Fi or by creating an ‘evil twin’ fake network which looks legitimate but has actually been set up by the hacker. Because attackers are typically silently observing the public Wi-Fi traffic these attacks are difficult to spot.

  • An attacker could see that a user is accessing a banking site and change the destination account number to a fake website they have set up that emulates the legitimate site.
  • Attackers can also redirect users to making a so called ‘important’ download or update, which actually is a Trojan horse for malware that is planted on your device. 

These attacks can also be easily automated. For instance there are automated tools that look for passwords and write them into a file whenever they see one. There are automated attacks that wait for particular requests, such as accessing Amazon.com, designed to scoop up usernames and passwords.

In the name of self defence

These attacks aren’t theoretical. Hotels are a favorite target, especially during the holidays, but so are shopping malls, airports, cafes and different types of transport stations.

So what can you do to protect yourself? The answer is a virtual private network (VPN) which creates a private tunnel between your device and the internet and encrypts your data. It essentially locks down your network traffic so no one can see what you are doing when you use public Wi-Fi. 

BullGuard VPN for instance uses military grade encryption which would take more than a lifetime to crack. When confronted with this level of protection, hackers simply move on. 

Further it also protects you from other types of snooping whether its companies trying to track your movements or even governments spying on their citizens. In short, you reclaim your privacy and can use the internet with total freedom and safety, even on public Wi-Fi.

About the AuthorSusan Alexandra is a cybersecurity and privacy enthusiast. She writes for publications like GlobalSign, Tripwire, SecurityAffairsSecurityToday and CyberDefenseMagazine. She is a small business owner, traveler and investor of cryptocurrencies. Susan’s inbox is open for new ideas and stories, feel free to share story ideas to susanalexandra67@gmail.com

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Wi-Fi, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]