Your browser version is outdated. We recommend that you update your browser to the latest version.

SIGN UP to our free eNewsletter

Fields marked with * are required.

DEFSECmedia

DEFSEC Media is New Zealand's defence, security and fire B2B/B2G publishing group. Our leading magazines, Line of DefenceNZ Security and Fire NZ are read by key business, government and military decision makers and influencers. This website is the online home of cutting-edge content from each of our titles.

Innovation Central

Automation & Electronics

Itron

CERT NZ ADVISORY: KRACK attack: security vulnerabilities in WPA1+2

Posted 17/10/2017

A series of Wi-Fi vulnerabilities have been identified and are collectively referred to as KRACK (Key Reinstallation Attack). These vulnerabilities affect MacOS, Windows, iOS, Android and Linux internet connected devices.

The primary exploit is against the 4-way handshake of the WPA2 protocol that takes place when a user seeks to join a protected Wi-Fi network. This handshake is currently utilised by all modern protected Wi-Fi networks.

In the report detailed by security researchers from imec-DistriNet, KU Leuven, a key reinstallation attack can be deployed in which the attacker tricks the user into reinstalling a key “through manipulating and replaying cryptographic handshake messages”. 

When exploited, these vulnerabilities could allow attackers to observe sensitive traffic, including cookies, passwords, and any other traffic traversing your Wi-Fi connected network. 

Read more at: www.cert.govt.nz/businesses-and-individuals/recent-threats/krack-attack-security-vulnerabilities

Share on Social Media

Follow us...

We recommend on YouTube...