eMazzanti Technologies Urges Customers to download KRACK Wi-Fi Vulnerability Patch

NYC area IT security consultant also warns the public to take extra precautions to avoid data loss from new KRACK Wi-Fi data security threat

Hoboken, New Jersey ­- (Cision) November 2, 2016 — eMazzanti Technologies, a NYC area IT consultant and MSP, issued a warning today regarding several recently revealed WPA/WPA2 encryption protocol vulnerabilities that affect countless Wi-Fi enabled devices worldwide.

The company urges customers with WatchGuard network security hardware and others to download patches to fix the vulnerabilities in their equipment. They also urge all business and home computer users to take extra precautions to avoid being victimized by the KRACK Wi-Fi encryption vulnerability. The recently discovered vulnerability allows hackers to steal user IDs and passwords.

“KRACK is potentially devastating to Wi-Fi users,” stated Almi Dumi, Project Lead, eMazzanti Technologies. “We strongly advise WatchGuard users to download the latest security patches for their Wi-Fi routers and access points. We also urge our customers and others to take additional steps to avoid losing data.”

Here is the text of the warning:

KRACK Wi-Fi Vulnerability Warning

“eMazzanti Technologies wants to bring to your attention a very serious threat that is affecting Wi-Fi networks worldwide.

KRACK, the newest Wi-Fi threat, stands for Key Reinstallation AttACK. It takes advantage of a router encryption flaw to force one-time log-ins to be re-used. This gives hackers an opportunity to decode and steal personal information like credit card and banking information, passwords and photos.

Since personal data can be sold, hackers will be exploiting this vulnerability wherever possible. Public places offer more targets, but an attack can succeed on any unpatched wireless network secured by WPA encryption.”

Steps for eMazzanti customers with WatchGuard Equipment

Many of eMazzanti’s customers employ WatchGuard Wi-Fi equipment in their networks. WatchGuard has published the information below about how to protect your network from KRACK vulnerabilities. In general, the recommended patches protect Wi-Fi users in various scenarios, including from unpatched client devices.

  1. Update to the latest (10/30/17) access point (AP) firmware – WatchGuard will provide patches for all supported APs and tabletop appliances with embedded wireless APs.
  2. Enable “Mitigate WPA/WPA2 key reinstallation vulnerability in clients” feature. The AP can compensate for the unpatched clients with this setting enabled. Mitigation is recommended only until all clients are patched.

In a small percentage of cases, mitigation may exacerbate client connectivity issues in environments already suffering from weak signal coverage or high interference.

  1. Alternatively, enable “AP MAC Spoofing Prevention” setting in Wi-Fi Cloud WIPS policy.

See WatchGuard Product and Support News for additional details.

Additional Precautions

With KRACK, the hacker must be within the transmission range of your Wi-Fi router or access point. That makes public Wi-Fi more prone to attack than home networks.

  • Take precautions away from the office or home and avoid connecting to public Wi-Fi.
  • As an alternative to public Wi-Fi, use your work or personal phone as a hot spot. If it is encrypted and patched, no one can gain access to your information.
  • Download the latest updates sent by your equipment vendor or device manufacturer. Even though they come out after a threat is reported, install them ASAP! If not patched, these vulnerabilities will remain and your chances of suffering data loss increases.

Keeping up with threats to sensitive data requires that individuals and organizations stay vigilant. Accordingly, anyone charged with data security who is unsure about what to do may call the IT security professionals at eMazzanti Technologies

Download Release PDF

Cloud Services New York City

Recent Posts

Top 5 Collaborative Tools in Microsoft 365 Drive Productivity and Innovation

In today’s fast-paced digital landscape, businesses cannot thrive without effective collaboration. Microsoft continues its unwavering…

1 day ago

7 Essential Contact Information Tips for Email Signatures to Enhance Your Professional Image

An email signature accomplishes much more than simply telling readers who you are and how…

1 week ago

Maximizing Threat Response Efficiency with Security Copilot

Cyber security professionals work hard to safeguard companies’ information. But with criminals constantly changing their…

2 weeks ago

Why should a firm use DMARC? What is the need?

Domain-Based Message Authentication, Reporting, and Conformance (DMARC) is an e-mail security protocol designed to validate…

3 weeks ago

eCare Cloud Backup is in fashion. It’s the new you!

My job is to manage my law office’s cloud servers here at Justice Freaks.  As…

4 weeks ago

I Think I’m Dating an AI

My worst nightmare would be to date someone who isn’t who they say they are.…

4 weeks ago