| Thread Tools |
6th September 2024, 12:41 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 153,010
| YubiKey vulnerability will let attackers clone the authentication device NinjaLab, a security research company, has discovered a vulnerability that would allow bad actors to clone YubiKeys. As the company has explained in a security advisory, NinjaLab found a vulnerability in the cryptographic library used in the YubiKey 5 Series. In particular, it found a cryptographic flaw in the microcontroller, which the security researchers described as something that "generates/stores secrets and then execute cryptographic operations" for security devices like bank cards and FIDO hardware tokens. YubiKeys are the most well-known FIDO authentication keys, and they're supposed to make accounts more secure, since users would have to plug it into their computers before they could log in. https://www.engadget.com/cybersecuri...8.html?src=rss |
Thread Tools | |
| |