Monday, September 14, 2009
PCI Alert!….WPA Cracked in less than 60 seconds…(Uh Oh!)
PCI Alert!….WPA Cracked in less than 60 seconds…(Uh Oh!)
August 28th, 2009 by cmark Posted in PCI DSS
An article in today’s Network World reported that researchers have broken WPA encryption in less than 60 seconds. While the vulnerability has been known for some time, this is the first time that a practical attack has been used to compromise WPA. The attack was developed by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, who plan to discuss further details at a technical conference set for Sept. 25 in Hiroshima.
In November 2008 researchers showed how WPA could be broken but now the Japanese researchers have put the rubber to the road and actually demonstrated the attack is viable and can be used in the real world.
For those who are on WPA2, it should be noted that this attack is not considered effective. Unfortunately, many companies in the payment card industry are still using WEP, and many more have upgraded to WPA only to find that neither technology is now secure.
August 28th, 2009 by cmark Posted in PCI DSS
An article in today’s Network World reported that researchers have broken WPA encryption in less than 60 seconds. While the vulnerability has been known for some time, this is the first time that a practical attack has been used to compromise WPA. The attack was developed by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, who plan to discuss further details at a technical conference set for Sept. 25 in Hiroshima.
In November 2008 researchers showed how WPA could be broken but now the Japanese researchers have put the rubber to the road and actually demonstrated the attack is viable and can be used in the real world.
For those who are on WPA2, it should be noted that this attack is not considered effective. Unfortunately, many companies in the payment card industry are still using WEP, and many more have upgraded to WPA only to find that neither technology is now secure.
# posted by raveneye @ 9:54 AM 
