WPA2 Broken in New Attack, Equifax Hacked (Again), Estonian National IDs Vulnerable!

6 views
Skip to first unread message

Infosec News

unread,
Oct 17, 2017, 3:03:08 PM10/17/17
to Infosec News

INFORMATION SECURITY NEWS

For The Week of 10/10-10/17 2017

The Information Security News Service is a project of LARS (Laboratory for Advanced Research in Systems) in the CS Department at the University of Minnesota Duluth. We send out top stories in information security every Tuesday (except during some academic breaks). If you have stories you’d like to see featured, please email them to infosec...@d.umn.edu.

CURRENT NEWS


WPA2 Broken in New “KRACK” Attack

The “Key Reinstallation AttaCK”, dubbed KRACK by the researchers who came up with it, exploits a flaw in the WPA-2 specification. This means that even a correctly implemented and up-to-date system is vulnerable to this attack. The attack targets the four way handshake that WPA2 uses when a client wants to join the system. The handshake is used to first confirm that both devices have the same pre-shared wifi password, and then to agree on a shared key that’s used to encrypt all future traffic. The attack works by tricking victims into re-installing keys that are already in use by resetting the nonce and packet numbers to their initial values. The WPA2 protocol does not guarantee that keys can’t be re-installed. The attack is especially effective against wpa_supplicant, a Linux WiFi client. Wpa_supplicant will install an all-zero encryption key instead of reinstalling the supplied key. The good news is that once clients are patched, they can securely use an unpatched Access Point. Keep an eye out for updates!

https://www.krackattacks.com/

Equifax Hacked….Again

Last week, Equifax’s website was maliciously changed to redirect to a page that was serving a fake Adobe Flash Player update, which infected computers with adware. The breach may have been through a third-party ad or analytics provider, in which case it Equifax isn’t entirely to blame.

https://arstechnica.co.uk/information-technology/2017/10/equifax-website-hacked-again-this-time-to-redirect-to-fake-flash-update/


Security Vulnerability in Estonian National ID Card

Estonian National ID Cards have a built-in public/private RSA keypair that is generated on the cards. The keys are generated in such a way that they are vulnerable to being cracked much faster than a properly generated RSA key (they can be cracked in under a month!). There are about 750,000 such vulnerable cards. Estonia’s national ID cards aren’t the only thing affected - any RSA keys generated using the Infineon RSA Library v1.02.013 are vulnerable. Affected keys have been found in github submissions, PGP keys used in email, and some SCADA systems.

https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/?amp=1

https://www.schneier.com/blog/archives/2017/09/security_flaw_i.html


Reply all
Reply to author
Forward
0 new messages