A universal attack that works against all devices using WPA WiFi networks.
Mathy Vanhoef, a researcher from the University of Leuven, discovered a serious flaw in the WiFi WPA2 protocol, which secures almost all modern protected WiFi connections. The flaw lies in the WPA2 handshake protocol itself, not in any particular hardware or software, and it allows an attacker to perform a MitM (Man in the Middle) attack and eavesdrop on network traffic.
The attack has been named KRACK, meaning Key Reinstallation Attack, described as:
the main attack is against the four way handshake of the WPA2 protocol. This handshake is executed when a client wants to join a protected Wi-Fi network, and is used to confirm that both the client and access point possess the correct credentials (e.g. the pre-shared password of the network). At the same time, the four way handshake also negotiates a fresh encryption key that will be used to encrypt all subsequent traffic.
The weakness has been identified in the Wi-Fi standard itself, not in individual products or implementations; therefore, any correct implementation of WPA2 is likely to be affected as well. Currently, all modern protected WiFi networks use this four-way handshake, meaning all such networks, whichever variant they use, are affected by the attack.
Changing your WiFi password doesn't fix the problem; firmware updates are required.
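To make concrete what "key reinstallation" means and what a firmware fix changes, here is an added example that is not from the original post or from the researcher's work: a toy model of how a client (supplicant) handles handshake message 3. It assumes a simplified "install key" step, a constructed PTK value, and models the per-frame nonce as the (key, transmit packet number) pair instead of real AES-CCMP.

```python
# Toy model of WPA2 message 3 handling on a client. Constructed illustration,
# not real Wi-Fi code: it shows the state change, not the cryptography.
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Supplicant:
    """Client state: the installed pairwise key and the transmit packet number."""
    patched: bool                          # True = never reinstall an already-installed key
    installed_ptk: Optional[bytes] = None
    tx_pn: int = 0                         # incremented per frame; must never repeat for one key
    nonces_used: List[Tuple[bytes, int]] = field(default_factory=list)

    def receive_msg3(self, ptk: bytes) -> str:
        """Handle handshake message 3 (possibly a retransmission) carrying the negotiated PTK."""
        if self.patched and self.installed_ptk == ptk:
            # The vendor fix: acknowledge the retransmission but keep the existing key
            # and, crucially, the existing packet counter.
            return "retransmission ignored, key kept"
        # Unpatched behaviour allowed by the original standard: (re)install the key
        # and reset the packet number, so (key, nonce) pairs get reused afterwards.
        self.installed_ptk = ptk
        self.tx_pn = 0
        return "key installed"

    def send_frame(self) -> Tuple[bytes, int]:
        """Return the (key, packet number) pair that would protect the next frame and record it."""
        assert self.installed_ptk is not None, "no key installed yet"
        self.tx_pn += 1
        nonce = (self.installed_ptk, self.tx_pn)
        self.nonces_used.append(nonce)
        return nonce


def nonce_reuse_after_retransmit(patched: bool) -> bool:
    """One handshake, two frames, a retransmitted message 3, two more frames.
    Returns True if any (key, packet number) pair was used twice."""
    client = Supplicant(patched=patched)
    ptk = b"constructed-example-ptk"        # constructed value; a real PTK comes from the handshake
    client.receive_msg3(ptk)
    client.send_frame()
    client.send_frame()
    client.receive_msg3(ptk)                # message 3 arrives a second time
    client.send_frame()
    client.send_frame()
    return len(client.nonces_used) != len(set(client.nonces_used))
```

The unpatched client reports nonce reuse after the second message 3; the patched one keeps counting and does not, which is exactly what the firmware updates change.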
The good news is that the exploit cannot be carried out on a global scale: the attack only works when the attacker is within range of the victim's WiFi network. While the attack allows eavesdropping, and in some cases injection of data (with WPA-TKIP or GCMP encryption), traffic that is protected by an additional security layer, such as TLS or a VPN, remains protected, because that encryption is applied at a separate layer of the communication.
The flaw was originally discovered in 2016, but the researcher kept working to refine the attack; he notified some affected vendors in July 2017, and US-CERT sent a broader notice to more vendors shortly after. A list of firmware and driver updates is being maintained by bleepingcomputer.com; users must install the updates themselves.
It just screams for a device lifecycle management platform: something through which fixes for security flaws like KRACK are rolled out automatically by product vendors, rather than being left to the end user, so that devices are updated as soon as a fix is available.