It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
YubiKey vulnerability will let attackers clone the authentication device YubiKey vulnerability will let attackers clone the authentication device
FAQ Members List Calendar Search Today's Posts Mark Forums Read


YubiKey vulnerability will let attackers clone the authentication device
Reply
 
Thread Tools
Old 6th September 2024, 12:41   #1
[M] Reviewer
 
Stefan Mileschin's Avatar
 
Join Date: May 2010
Location: Romania
Posts: 153,010
Stefan Mileschin Freshly Registered
Default YubiKey vulnerability will let attackers clone the authentication device
NinjaLab, a security research company, has discovered a vulnerability that would allow bad actors to clone YubiKeys. As the company has explained in a security advisory, NinjaLab found a vulnerability in the cryptographic library used in the YubiKey 5 Series. In particular, it found a cryptographic flaw in the microcontroller, which the security researchers described as something that "generates/stores secrets and then execute cryptographic operations" for security devices like bank cards and FIDO hardware tokens. YubiKeys are the most well-known FIDO authentication keys, and they're supposed to make accounts more secure, since users would have to plug it into their computers before they could log in.

https://www.engadget.com/cybersecuri...8.html?src=rss
Stefan Mileschin is offline   Reply With Quote
Reply

« Thermaltake Coolers Support New-Gen Intel and AMD CPUs | Sharp Launches X141Q 4K UHD Laser Projector »

Similar Threads
Thread Thread Starter Forum Replies Last Post
Google launches cross-device SDK developer preview for building multi-device experien Stefan Mileschin WebNews 0 1st September 2022 06:36
'Sign in with Apple' flaw let attackers take over accounts Stefan Mileschin WebNews 0 2nd June 2020 05:56
A flaw in Zoom's Mac app may have let attackers hijack webcams Stefan Mileschin WebNews 0 9th July 2019 14:51
Yubico's YubiKey 5 series attempts to kill the password Stefan Mileschin WebNews 0 25th September 2018 13:35
YubiKey 5’s FIDO2 support will help you ditch passwords entirely Stefan Mileschin WebNews 0 25th September 2018 12:28
Attackers hit Yahoo using the Shellshock bug, but your data is safe Stefan Mileschin WebNews 0 7th October 2014 07:48
Attackers quick to Bash Linux Stefan Mileschin WebNews 0 29th September 2014 07:55
Intel, Samsung, Others Team Up to Drive Seamless Device-to-Device Connectivity Stefan Mileschin WebNews 0 9th July 2014 07:43
Galaxy Note II vulnerability lets attackers (briefly) access home screen apps Stefan Mileschin WebNews 0 5th March 2013 07:08
ATI Driver Flaw Exposes Vista Kernel to Attackers jmke WebNews 0 10th August 2007 15:30

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT +1. The time now is 08:26.

Contact Us - Madshrimps - Top

Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
SEO by vBSEO