Bleeping Computer

New Eucleak attack lets threat actors clone YubiKey FIDO keys

A new "EUCLEAK" flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico's YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm ...
Engadget

YubiKey vulnerability will let attackers clone the authentication device

NinjaLab, a security research company, has discovered a vulnerability that would allow bad actors to clone YubiKeys. As the company has explained in a security advisory, NinjaLab found a vulnerability ...
Ars Technica

yubikey deep dive

I've now spent a significant amount of effort exploring the ways to use yubikeys that extend beyond the basic web authentication. These are incredibly capable devices but you have to know what you're ...

YubiKey FIDO authenticators could be abused through unpatchable cryptographic flaw

All physical multi-factor authentication (MFA) keys that work on Infeneon’s SLE78 microcontroller were said to be vulnerable ...
ZDNet

I added a hardware security key to my MacBook, and it made my logins faster and safer

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
Nasdaq

Plurilock Announces Addition of Plurilock AI to Works With YubiKey Catalog

Vancouver, British Columbia--(Newsfile Corp. - November 14, 2023) - Plurilock Security Inc. (TSXV: PLUR) (OTCQB: PLCKF) and related subsidiaries ("Plurilock" or the "Company"), an AI-driven ...
Ars Technica

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

That's a bad tradeoff that mostly leads to people continuing to use vulnerable products. Instead they should support digitally signed firmware updates, perhaps zeroizing existing keys during the ...