Connect with us

Hi, what are you looking for?

Tech News

YubiKeys have an unfixable security flaw

The flaw doesn’t impact newer YubiKey hardware that doesn’t use the Infineon cryptolibrary. | Image: Yubico

Security researchers have detected a vulnerability in YubiKey two-factor authentication tokens that enables attackers to clone the device according to a new security advisory. The vulnerability was discovered within the Infineon cryptographic library used by most YubiKey products, including the YubiKey 5, Yubikey Bio, Security Key, and YubiHSM 2 series devices.

YubiKey manufacturer Yubico says the severity of the side-channel vulnerability is “moderate” but is difficult to exploit, partly because two-factor systems rely upon something the user has and something only they should know.

“The attacker would need physical possession of the YubiKey, Security Key, or YubiHSM, knowledge of the accounts they want to target, and specialized…

Continue reading…

You May Also Like

Editor's Pick

In this edition of StockCharts TV‘s The Final Bar, Dave shows how breadth conditions have evolved so far in August, highlights the renewed strength in the...

Tech News

Image: Becca Farsace / The Verge Instagram is a popular place to show off your latest photos, but if you’re a real photography enthusiast,...

Tech News

Rufino Choque, from the Urus Indigenous community, stands over a boat in the middle of the extinct Poopó Lake, which disappeared in 2015. |...

Politics

When word first broke that Joe Biden would be sitting down with Howard Stern for a live interview Friday on his SiriusXM show, it...

Generated by Feedzy