Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
“The October 2017 discovery of KRACK is significant for the security of virtually all smart phone users; the threat is real and pervasive” said Fatih Orhan, head of the Comodo Threat Intelligence Lab and Comodo Threat Research Labs (CTRL).
This blog explores the questions (and provides some answers) about the key new vulnerabilities and potential attacks associated with “KRACK.”
What is KRACK?
KRACK is the name for the Key Reinstallation Attacks and related vulnerabilities to the WPA2 protocol for wireless. WPA2 is used by nearly all IT devices today, including mobile devices everywhere.
The WPA2 protocol is vulnerable. This week, vulnerabilities in the Wi-Fi industry’s encryption standard were revealed. An attacker in the proximity of a Wi-Fi network and the target computer may exploit vulnerabilities with a Key Installation Attack allowing them to read information that was previously assumed to be encrypted. By using this attack, data being sent from a WPA2-encrypted Wi-Fi device could be recorded including passwords, credit card details and enterprise logins.
Who is at risk?
All Wi-Fi enabled devices are at risk as this vector is in the Wi-Fi standard itself.
Why is this so important?
We may never be able to entirely trust WPA2 again. As soon as patches are available, your local administrators will update device firmware for routers, access points and hotspots, but while that will return trust to the enterprise Wi-Fi networks, public hotspots at airports and coffee shops may remain unprotected for some time. Older devices may never receive an update, leaving WPA2 on public hotspots forever untrustworthy. The web’s SSL protocol offers an additional protection that can only protect transactions performed under that protocol.
Mobile devices come with the highest risk profile. They are commonly configured to automatically join Wi-Fi hotspots, and users will connect where possible to reduce data costs. Statistics provided by Wi-Fi Alliance show that 71% of all mobile communications flow over Wi-Fi and that number has been growing rapidly. Both the device and the access point must be updated to protect against KRACK, so in effect, 100% of Android, iOS, and Wi-Fi connected devices are potentially at risk.
What can I do now for my organization and/or myself?
The good news is there is a free solution that provides mobile Virtual Private Network (VPN) connections to ensure that KRACK or other network weaknesses cannot harm you.
Creating a VPN Access to encrypt all internet communications will protect against any malicious network listeners making KRACK impotent, and even any man-in-the-middle (MITM) attacks.
Comodo Dome Shield includes Mobile VPN Profiles for iPads, iPhones and all types of Android devices. Dome Shield is the free level of the Dome product delivering web access controls and advanced threat protection to mobile users via these Mobile VPN Profiles. Simply configure the profile and your mobile device receives an extra level of security no matter what type of network is used. Comodo Dome Shield works seamlessly across Wi-Fi, or 2G, 3G, 4G, and LTE cellular networks and securely protects an average of 49 million transactions per day across 84 countries.
How do I get Comodo Dome Shield?
If you do not have Comodo Dome Shield implemented already, you can obtain a free license at https://www.comodo.com/cdomeshield/freelicense/. Just begin by selecting your business type of (individual, enterprise or MSP), and it’s a breeze.
I already use Comodo Dome Shield for our users; how do I configure a Mobile VPN Profile?
Open your Comodo Dome Shield Portal and go to Configure > Objects > Mobile Devices and email the VPN Profile to your users. This emails the users with the VPN profile included as an attachment.
Once the user installs the VPN profile attachment on the device, all internet traffic on the mobile devices is encrypted end to end. The mobile device will be secured against all advanced threats regardless of where you are connecting from on Wi-Fi or other network. The mobile device is then secure against KRACK and its effects.
More on KRACK?
For additional details about KRACK from Department of Computer Science at the KU Leuven, check out: https://www.krackattacks.com/.
More on Comodo Dome Shield?
For additional details about Comodo Dome Shield, check out: https://cdome.comodo.com/shield/.
Tags: Mobile Security,potential attacks,vulnerabilities
Reading Time: 3 minutes Unless you’ve been living under a rock for the past few days, you’ll have heard that there are a couple of new computer security vulnerabilities that are causing panic in the technology world. But what are Meltdown and Spectre? How serious are they, do they affect you and do you need to do anything? This…
Reading Time: 2 minutes Update: check the latest version of Comodo’s free mobile security app When Apple announced the Touch ID technology that rolled out with the new iPhone 5, it sounded like science fiction. Your phone can now be secured by your own fingerprint. Can the retinal (eyeball) scanning made famous in films like Mission Impossible be far…
Reading Time: 3 minutes Update: check the latest version of Comodo’s free mobile security app There are tons of security tips provided online for the average. So much that it can actually be confusing. This is especially true when using mobile technology, which is increasing essential, but increasingly a target for hacker The following Mobile Antivirus prevention tips are…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats
Advanced Endpoint Protection, Endpoint Detection and Response Built On Zero Trust Architecture available on our SaaS EPP