Login

News Post

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

ArstechnicaArstechnica · 15d
YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

The YubiKey 5, a popular hardware token for two-factor authentication, has been found to contain a cryptographic flaw that makes it susceptible to cloning. Researchers have discovered a side-channel vulnerability in the YubiKey's microcontroller, which is also used in other authentication devices such as smartcards and electronic passports. Yubico, the maker of YubiKey, has confirmed that all YubiKey 5 models are vulnerable, and updating the firmware is not possible. This means that affected YubiKeys will remain permanently vulnerable to attacks that could potentially recover private keys. The vulnerability is suspected to be present in other devices using the same microcontroller.

View Source

Comments

More Like this

What is DDOS attack? Malicious cyber attack that delayed Musk - Trump interview

What is DDOS attack? Malicious cyber attack that delayed Musk - Trump interview

Web apps and APIs were attacked more than ever last year

Web apps and APIs were attacked more than ever last year

Apple warns of mercenary spyware attacks in 98 countries

Apple warns of mercenary spyware attacks in 98 countries

WordPress websites are being hacked to hijack your browser — and then attack other sites

WordPress websites are being hacked to hijack your browser — and then attack other sites

How DDoSers used the HTTP/2 protocol to deliver attacks of unprecedented size

How DDoSers used the HTTP/2 protocol to deliver attacks of unprecedented size

Thousands of servers hacked in ongoing attack targeting Ray AI framework

Thousands of servers hacked in ongoing attack targeting Ray AI framework

Discord took no action against server that coordinated costly Mastodon spam attacks | TechCrunch

Discord took no action against server that coordinated costly Mastodon spam attacks | TechCrunch

Cyber attack compromised Indonesia data centre, ransom sought, reports Antara

Cyber attack compromised Indonesia data centre, ransom sought, reports Antara

SMBs are being hit with more malware attacks than ever, and many can't keep up

SMBs are being hit with more malware attacks than ever, and many can't keep up

Apple users targeted in phishing attack: How to protect your iPhone

Apple users targeted in phishing attack: How to protect your iPhone

Download the medial app to read full posts, comements and news.