Skip to Content


Trust vs Access: A Tale of Two Vulnerability Classes

It’s been a big week in cyberspace, with high profile crypto vulnerabilities KRACK (affecting WPA2) and ROCA (affecting RSA keys generated by Infineon hardware) hitting the news. Not only these mammoth bugs were released, but a new Adobe Flash 0-day exploit was observed in the wild being used to install the FinSpy commercial malware, and finally, the DDE feature in […]

Key Reinstallation Attacks (KRACK): The Impact So Far

Today, a series of high-severity vulnerabilities affecting the WiFi Protected Access II (WPA2) protocol were disclosed. Security researchers have developed a proof of concept (POC) demonstration, dubbed “KRACK”, and a dedicated website through which further details are likely to be released. An advisory was distributed by the US CERT to a select number of unidentified organizations stating […]