The researcher reveals a new discovery called KRACK, which exploits a Wi-Fi security vulnerability in order for Hackers to tap traffic between computers and wireless access points. The discovery, as first reported by Ars Technica, utilizes several key management vulnerabilities in the WPA2 security protocol, a popular authentication scheme used to protect private and corporate Wi-Fi networks.
"If your device supports Wi-Fi, it will most likely be affected," said the researcher, citing The Verge, Monday (16/10).
In fact, the US Computer Emergency Preparedness Team issued a warning in response to this remarkable discovery that says US-CERT has been aware of some key management vulnerabilities in the 4-way handshake system of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting this vulnerability includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and more. Note that as a protocol level issue, most or all of the correct implementation of the standard will be affected. CERT / CC and the investigator of KU Leuven, will publicly disclose this vulnerability.
The researchers noted that 41 percent of all Android devices are vulnerable to the devastating 'attack' Wi-Fi variant. All Wi-Fi devices to some extent are vulnerable to vulnerabilities that make them familiar with data theft or edits of the ransomware code of any malicious attacker within range.
Researchers recommend patching up all the Wi-Fi clients and access points when repair is available and continue using WPA2 until then (WPA1 is also affected and WEP security is even worse). It is not yet clear whether the vulnerabilities expressed today are actively found in the wild.
"If your device supports Wi-Fi, it will most likely be affected," said the researcher, citing The Verge, Monday (16/10).
In fact, the US Computer Emergency Preparedness Team issued a warning in response to this remarkable discovery that says US-CERT has been aware of some key management vulnerabilities in the 4-way handshake system of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting this vulnerability includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and more. Note that as a protocol level issue, most or all of the correct implementation of the standard will be affected. CERT / CC and the investigator of KU Leuven, will publicly disclose this vulnerability.
The researchers noted that 41 percent of all Android devices are vulnerable to the devastating 'attack' Wi-Fi variant. All Wi-Fi devices to some extent are vulnerable to vulnerabilities that make them familiar with data theft or edits of the ransomware code of any malicious attacker within range.
Researchers recommend patching up all the Wi-Fi clients and access points when repair is available and continue using WPA2 until then (WPA1 is also affected and WEP security is even worse). It is not yet clear whether the vulnerabilities expressed today are actively found in the wild.
No comments:
Post a Comment