1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable WPAD now or have your accounts and private data compromised

Discussion in 'CSO' started by RSS, Aug 10, 2016.

  1. RSS

    RSS New Member Member

    The Web Proxy Auto-Discovery Protocol (WPAD), enabled by default on Windows and supported by other operating systems, can expose computer users' online accounts, web searches, and other private data, security researchers warn.

    Man-in-the-middle attackers can abuse the WPAD protocol to hijack people's online accounts and steal their sensitive information even when they access websites over encrypted HTTPS or VPN connections, said Alex Chapman and Paul Stone, researchers with U.K.-based Context Information Security, during the DEF CON security conference this week.

    [ ALSO ON CSO: Examining man-in-the-middle attacks ]

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page