December 29, 2011

Security firm releases tool to brute force routers

A Maryland security firm has released an open-source tool that can be used to exploit a vulnerability in the WiFi Protected Setup (WPS) standard that can be exploited to retrieve passwords. Tactical Network Solutions on Wednesday announced the release of the tool, called Reaver. "Reaver is capable of breaking WPS PINS and recovering the plain text WPA/WPA2 passphrase of the target access point in approximately four to 10 hours," a company blog post said. Disabling WPS is the only known fix for the vulnerability, discovered by researcher Stefan Viehbock, but functionality that locks out anyone who continuously re-enters the wrong passcode can "make an attack impractical," he said.
Related Articles
Related Topics
Related Links

Sign up to our newsletters

More in News

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.

WordPress tightens security with two-factor authentication

The new feature is immediately available for users and "secret" codes can be accessed via SMS or through the Google Authenticator app.

Microsoft fixes three "critical" flaws with Patch Tuesday release

The biggies are two vulnerabilities in Internet Explorer and a single weakness in Remote Desktop Connection.