Goto

Collaborating Authors

Update Every Device -- This KRACK Hack Kills Your Wi-Fi Privacy

@machinelearnbot

Android devices are said to be particularly vulnerable to a novel new Wi-Fi attack that has a widespread impact. It's time to get patching again. Another widespread vulnerability affecting practically everyone and everything that uses Wi-Fi was revealed on Monday, allowing hackers to decrypt and potentially look at everything people are doing online. Researcher Mathy Vanhoef, from Belgian university KU Leuven, released information on his hack, dubbing it KRACK, for Key Reinstallation Attack. Vanhoef's description of the bug on his KRACK website is startling: "This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.


krack-attack-wpa2-wifi

TIME

A recently discovered vulnerability could allow attackers to intercept sensitive data being transmitted between a Wi-Fi access point and a computer or mobile device, even if that data is encrypted. The flaw, known as KRACK, affects WPA2, a security protocol widely used in most modern Wi-Fi devices. In some cases, a hacker could exploit KRACK to inject malware such as ransomware into websites, according to KU Leuven's Mathy Vanhoef, the researcher who discovered the vulnerability. Vanhoef's findings were reported by tech site Ars Technica early Monday morning. Here's an overview of what to know about the vulnerability, and how you can protect your devices.


Huge security flaw leaves Wi-Fi devices wide open to hackers

Mashable

There's a hole in Wi-Fi security, and it affects the vast majority of Wi-Fi devices and networks. That very likely means your phone, your home wireless network, your wireless network at work -- everything. Belgian security researcher Mathy Vanhoef from the imec-DistriNet research group at the KU Leuven university has discovered a vulnerability in the WPA2 security protocol, used by nearly every Wi-Fi device out there. It allows an attacker to remotely extract decrypted data from a protected Wi-Fi network without knowing the password. SEE ALSO: Equifax may have been hacked again and it's not even funny anymore Called KRACK, the attack does not actually recover the victim's Wi-Fi password.


KRACK Vulnerability Impacts Secure Wi-Fi Standard, Leaving Millions of Devices Exposed

WIRED

When you set up a new Wi-Fi network, you're probably conditioned by now to check the "WPA2" box. You may not specifically know when or why someone advised you to do this, but it was solid advice. Wi-Fi Protected Access 2 is the current industry standard that encrypts traffic on Wi-Fi networks to thwart eavesdroppers. And since it's been the secure option since 2004, WPA2 networks are absolutely everywhere.


What the KRACK Wi-Fi vulnerability means for you and your devices

Mashable

So it turns out your Wi-Fi is vulnerable to hackers. A newly released research paper dropped a pretty sizable security bomb: The security protocol protecting most Wi-Fi devices can essentially be bypassed, potentially allowing an attacker to intercept every password, credit-card number, or super-secret cat pic you send over the airwaves. So what, if anything, can you do about all this -- other than go back to the Ethernet cable-laden Dark Ages? First, let's take stock of just how bad things are. Researcher Mathy Vanhoef, who discovered the vulnerability, explains that it allows for an attack that "works against all modern protected Wi-Fi networks."