6 GHz Wi-Fi Flaws Could Disrupt Critical Systems
Automated Frequency Coordination systems by default trust client-side data, which could lead to location spoofing and other attacks that disrupt traffic.
Wireless security covers risks in Wi-Fi, Bluetooth, and cellular connections, including unauthorized access, eavesdropping, and device compromise.
Search across headline titles and summaries.
Background for this topic.
Wireless systems transmit data over radio or other electromagnetic links rather than a physical cable, including Wi-Fi, Bluetooth, cellular, and many IoT protocols. The tag usually covers the security of these protocols, access points, client devices, and radio-enabled equipment—not every use of the word “wireless.”
Because signals can extend beyond controlled spaces, an attacker within range may capture traffic, attempt unauthorized association or pairing, impersonate a legitimate access point, or disrupt service through interference. Encryption alone does not prevent these attacks: use secure authentication, current protocol configurations, protected management interfaces, and segmentation between wireless clients and sensitive networks. Track firmware and protocol vulnerabilities, remove obsolete security modes, monitor for rogue devices and unusual associations, and review wireless logs during investigations. Bluetooth and IoT deployments also require attention to default credentials, discoverability, and unnecessary exposed services.
Weekly headline count for the current query.
Automated Frequency Coordination systems by default trust client-side data, which could lead to location spoofing and other attacks that disrupt traffic.
Major events like the FIFA World Cup need to look beyond traditional physical and cyber security to active and passive wireless threats, say experts.
The cybercriminals infected older wireless Internet routers with Anyproxy and 5socks malware in order to reconfigure them — all without the users' knowledge.
Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code execution (RCE) and the ability to read all log files.
Researchers demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device.
In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.
Though Cisco reports of no known malicious exploitation attempts, three of its wireless access points are vulnerable to these attacks.
British Transport Police and Network Rail are investigating the incident, in which bad actors posted Islamophobic messages on the transport system's network.
Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of OEMs.
Two congressmen want the US Commerce Department to examine the company's goods and decide if they pose a threat.
What is a Verizon Wireless demo store app doing on non-Verizon phones, and why is it a vehicle to an attacker?
Beyond the devices that use them, Wi-Fi hubs themselves can leak interesting data, thanks to some quirks in Apple's geolocation system.
Australian cops arrest man found with a portable Wi-Fi access device in his carry-on luggage, allegedly used for standing up scam Wi-Fi networks on flights.
Wireless service providers prioritize uptime and lag time, occasionally at the cost of security, allowing attackers to take advantage, steal data, and worse.
Attackers can exploit the issue to trick users into connecting to insecure networks, but it works only under specific conditions.
Verizon, AT&T, and T-Mobile USA are being fined for sharing location data. They plan to appeal the decision, which is the culmination of a four-year investigation into how carriers sold customer data to third parties.
Moobot, Miori, AGoent, and a Gafgyt variant have joined the infamous Mirai botnet in attacking unpatched versions of vulnerable Wi-Fi routers.
Researchers tested their theory on nine chargers, each different and available to consumers, and found them all vulnerable to their attacks.
The Commission's breach rules for voice and wireless providers, untouched since 2017, have finally been updated for the modern age.