[dba-Tech] Key Reinstallation Attacks - Breaking WPA2 by forcing nonce reuse
Jim Lawrence
accessd at shaw.ca
Mon Oct 16 23:29:11 CDT 2017
Sigh...
Next you'll tell me that someone broke into Equifax and stole crucial data on virtually every US citizen. As the information stolen can not ever be changed, the people will be at the mercy of thieves for the rest of their natural lives.
Jim
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
For more info:
https://www.krackattacks.com/
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com
More information about the dba-Tech
mailing list