IT Compliance and Auditing in Canada

The following post explains some of the IT audit standards, control processes, and associated laws and regulations currently used in Canada. Research from 2012 showed that only 16% of Canadian businesses were not aware of privacy or security-related standards, so we could say that Canadian IT companies have moderate to high awareness of the compliance standards.

Note: This article is a work in progress.

Kali Linux (VirtualBox) instructions for testing any Wi-Fi device against WPA2 Key Reinstallation Attack (KRACK Attack)

The following article demonstrates the process of testing any Wi-Fi capable device against a key reinstallation attack. I'll demonstrate the process of executing the test using Kali Linux installed in VirtualBox on a Windows machine. Then I'll illustrate the process of testing recently patched Windows 10 as well as an unpatched Android 7.0 mobile phone against the key reinstallation attack. This article also explores the newly discovered WPA2 vulnerability named KRACK Attack (key reinstallation attack) in a little more detail, as it's one of the biggest vulnerabilities found in WPA2 to this day (patched only by a handful of operating systems and Wi-Fi product manufacturers). The main issue introduced by the KRACK attack is that it allows attackers to intercept all wirelessly transferred information in an unencrypted format, and do so without knowing the wireless WPA/WPA2 network password. Serious? You bet…