October 16, 2017 - 11:11 AMT
PanARMENIAN.Net - At 8AM Monday, October 16 morning Eastern Time, researchers plan to reveal details of a new exploit called KRACK that takes advantage of vulnerabilities in Wi-Fi security to let attackers eavesdrop on traffic between computers and wireless access points, The Verge says.
The exploit, as noted by Ars Technica, takes advantage of several key management vulnerabilities in the WPA2 security protocol, the popular authentication scheme used to protect personal and enterprise Wi-Fi networks.
The United States Computer Emergency Readiness Team issued the following warning in response to the exploit:
"US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017."
It's not yet clear how easy it will be to hijack and eavesdrop on targeted Wi-Fi networks, but all will be revealed later on Monday through the website krackattacks.com, before the vulnerabilities are formally presented on November 1 in a talk titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 at a security conference in Dallas.