Paranoid Technology All things cybersecurity


Security Predictions (& Resolutions) for 2020

Our predictions from 2018, were still valid for 2019, so we skipped a year 😉 Since the decade has come to a close, sharing predictions for 2020 and beyond seems in order… starting with a strategic view of the trends and emerging business problems affecting CISOs today…

Predictions for 2020
1. Year of the IoT CISO – we did not reach Gartner’s 20 billion connected devices by 2020, but we are almost there… The attack surface is increasing rapidly – from personal wearables to medical devices to connected cars to toasters and more – as the proverb goes “where there’s entropy there is chaos” 😉 At least initially…


Smartphones and Facial Recognition

Smartphones are getting smarter! According to a research firm called ABI their latest study revealed 20 per cent of annual shipments of the devices will include such technology before 2012 draws to a close.

As far as smartphone models, the Samsung Galaxy SIII was highlighted as the most noteworthy device to boast the capability. However we may not see it on the store shelves after Apple's epic court victory against Samsung awarding them $1.06 billion and potentially forcing Samsung to remove its 8 products off the store shelves in the U.S.


802.1X password exploit on many HTC Android devices

A new vulnerability discovered shows that it is possible to gain access to a user's wireless username and password. This vulnerability discovered by Bret Jordan and Chris Hessing on February 1, the CERT already issued a vulnerability entry in its database... In his blog Bret said:


Using Wifi Protected Set-up? Think Again…

Designed by Wi-Fi alliance and introduced in 2007, Wi-Fi Protected Set-up (WPS) aims to provide an easy method for novice consumers to set-up their wireless access points. Recently discovered by Stefan Viehboeck, apperantly it is also designed to be a backdoor to your wireless access point 🙂

Due to a design flaw in the PIN authentication mechnaism an attacker can brute force your WPS PIN and gain access to your very long WPA2 key and access your network. The US CERT issued a vulnerability note, VU#723755 on this finding.