WPA2 compromised.
[FONT="]A disclosure looks imminent from some researchers about a serious flaw in WPA2. [/FONT]
[FONT="] [/FONT]
[FONT="]https://twitter.com/kennwhite/status/919522184384729089[/FONT]
[FONT="] [/FONT]
[FONT="]Reserved CVEs are:[/FONT]
[FONT="] [/FONT]
[FONT="]CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13084
CVE-2017-13086
CVE-2017-13087
CVE-2017-13088[/FONT]
"[FONT="]Reading through that twitter threads and some referenced links, it looks like they've found a vulnerability in the four way handshake, most likely a vulnerability in common implementations of the RNG. Likely implications include successfully impersonating a secure network, and decrypting data."[/FONT]
[FONT="] [/FONT]
[FONT="]https://twitter.com/kennwhite/status/919522184384729089[/FONT]
[FONT="] [/FONT]
[FONT="]Reserved CVEs are:[/FONT]
[FONT="] [/FONT]
[FONT="]CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13084
CVE-2017-13086
CVE-2017-13087
CVE-2017-13088[/FONT]
"[FONT="]Reading through that twitter threads and some referenced links, it looks like they've found a vulnerability in the four way handshake, most likely a vulnerability in common implementations of the RNG. Likely implications include successfully impersonating a secure network, and decrypting data."[/FONT]
Comments
-
stryder144
Member Posts: 1,684 ■■■■■■■■□□
Damn! This should get very, very interesting.The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia
Connect With Me || My Blog Site || Follow Me -
gespenstern
Member Posts: 1,243 ■■■■■■■■□□
Shutting down my wifi home network, effective immediately! -
alias454
Member Posts: 648 ■■■■□□□□□□
“I do not seek answers, but rather to understand the question.” -
jibtech
Member Posts: 424 ■■■■■□□□□□
It appears vendors were made aware quite a while ago, so this isn't a zero day surprise. A few have already developed patches.
But, the home routers? Holy hell.
Good luck hooking up that CAT6 to your iPhone. -
shochan
Member Posts: 1,014 ■■■■■■■■□□
CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP -
PJ_Sneakers
Member Posts: 884 ■■■■■■□□□□
No problem, I'll just set my antenna power to 1, and make my family sit next to the router if they want to get on the internet. They'll love the sudden increase in family time. -
mikey88
Member Posts: 495 ■■■■■■□□□□
PJ_Sneakers wrote: »No problem, I'll just set my antenna power to 1, and make my family sit next to the router if they want to get on the internet. They'll love the sudden increase in family time.
LOL! winningCerts: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux -
NOC-Ninja
Member Posts: 1,403
Sometimes a company needs to get hacked so that the IT department will get funds from the top. -
alias454
Member Posts: 648 ■■■■□□□□□□
Family time is overrated
. https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vulnerability/ “I do not seek answers, but rather to understand the question.”
