I’m in the U.K. at the moment on holidays, but some things need to be announced on our DDLS blog. For those who may have missed it, there is a bug in Wi-Fi which has been given the name Key Reinstallation Attacks (aka. KRACK), which makes it possible to inject and manipulate data as well as eavesdrop on communications over the air. The only main limitation is that an attacker needs to be within range of a victim to exploit these weaknesses.
It affects WPA2 Personal and Enterprise, regardless of the encryption ciphers used by a network. It mostly affects Linux and Android 6.0 and above, as well as macOS and OpenBSD. Windows and iOS are more or less unaffected due to the way they implement WPA2.
Patches will need to be applied to your particular O/S when available.
More information can be obtained from the websites below:
Terry Griffin, Principal Technologist: Security
Tales from the Certified Hacker: Urgent Linux Patch
The majority of this blog post is related to Linux, but there is also an... Next Post
Who is Going to the Microsoft Summit this week?
The brand new Microsoft Tech Summit is in Sydney this week and DDLS will be there in the thick of...