Language Selection

English French German Italian Portuguese Spanish

Security: Domain Name System, Department of Homeland Security, and Underclocking the ESP8266 Leads to WIFI Weirdness

Filed under
Security
  • A DNS hijacking wave is targeting companies at an almost unprecedented scale

    The attacks, which security firm FireEye said have been active since January 2017, use three different ways to manipulate the Domain Name System records that allow computers to find a company's computers on the Internet. By replacing the legitimate IP address for a domain such as example.com with a booby-trapped address, attackers can cause example.com to carry out a variety of malicious activities, including harvesting user’s login credentials. The techniques detected by FireEye are particularly effective, because they allow attackers to obtain valid TLS certificates that prevent browsers from detecting the hijacking.

  • Worries mount as cybersecurity agency struggles amid shutdown

    Former Department of Homeland Security (DHS) officials and lawmakers fear the shutdown, now in its 20th day, could have both short- and long-term effects, hurting the new Cybersecurity and Infrastructure Security Agency’s (CISA) efforts to get off the ground and potentially pushing existing talent out the door.

  • Underclocking the ESP8266 Leads to WIFI Weirdness

    Now it was time for another of those basic questions. What would happen if you did the same thing to a second ESP8266? Much to his surprise, [CNLohr] discovered that the two devices could still communicate successfully as long as their BBPLL clock speed was the same. From an outsider’s perspective it looked like gibberish, but to the two ESPs which had been slowed by the same amount, everything worked as expected even though the 802.11 standards say it shouldn’t.

    So what can you do with this? The most obvious application is a “stealth” WiFi connection between ESP8266s which wouldn’t show up to normal devices, a communications channel invisible to all but the most astute eavesdropper. [CNLohr] has made all the source code to pull this trick off public on GitHub, and it should be interesting to see what kind of applications (if any) hackers find for this standards-breaking behavior.

More in Tux Machines

Type Title Author Replies Last Postsort icon
Story Linux Shell Roundup: 15 Most Popular Open Source Linux Shells Roy Schestowitz 15/09/2019 - 10:34pm
Story Games Leftovers Roy Schestowitz 15/09/2019 - 10:29pm
Story Manjaro Linux 18.1.0 'Juhraya' has been officially released Roy Schestowitz 5 15/09/2019 - 10:14pm
Story Wine 4.16 Roy Schestowitz 2 15/09/2019 - 10:05pm
Story digiKam 6.3.0 is released Roy Schestowitz 15/09/2019 - 9:50pm
Story Nostalgia is a GNOME Wallpaper App with a Twist Rianne Schestowitz 15/09/2019 - 7:56pm
Story Huawei Just Started Selling Laptops With Deepin Linux Pre-Installed Rianne Schestowitz 12 15/09/2019 - 7:53pm
Story Raspberry Pi 4 vs Raspberry Pi 3: Which is Faster in Kali Linux Booting? Rianne Schestowitz 15/09/2019 - 7:46pm
Story Android Leftovers Rianne Schestowitz 15/09/2019 - 5:09pm
Story Intel's Gallium3D Driver Is Running Much Faster Than Their Current OpenGL Linux Driver With Mesa 19.3 Rianne Schestowitz 15/09/2019 - 5:01pm