Over the weekend, reports caught fire about the WPA2 Wi-Fi security protocol being hacked. Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven,
From the Krackattacks.com web site:
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.
The attack works against all modern Wi-Fi implementations and can be used to steal credit card numbers, passwords, chat messages, emails, photos, etc. Luckily this can be patched, but router manufacturers will need to deploy firmware updates quickly.
Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!