There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment.

Still, nice piece of security analysis.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Why Your VPN May Not Be As Secure As It Claims

May 6, 2024 0 Comments 0 tags

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when

Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m

August 15, 2024 0 Comments 0 tags

Ransom payments in the first half of 2024 hit $460m, according to Chainalysis

Microsoft Fixes Four Zero-Days in July Patch Tuesday

July 10, 2024 0 Comments 0 tags

Microsoft has addressed two actively exploited and two publicly disclosed zero-day bugs this month