https://community.isc2.org/t5/Tech-Talk/Kr00k-Broadcom-Cypress-WiFi-Chip-Vulnerability/m-p/33297#M2407 <P>Happy Monday!&nbsp;</P><P>&nbsp;</P><P>CVE-2019-15126 or more affectionately "Krook" is a vulnerability in Broadcom and Cypress Wi-Fi chips that allows unauthorized decryption of some WPA2-encrypted traffic. These are the most common Wi-Fi chips used by well-known manufacturers including Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy).&nbsp;Wi-Fi Access points and routers are also affected by Kr00k, making even environments with patched client devices vulnerable. All-in-all, before patching there were more than a billion affected devices.&nbsp;What is the state of patching of Kr00k for iOS, MacOS, Cisco, and Huawei <IMG id="smileywink" class="emoticon emoticon-smileywink" src="https://community.isc2.org/i/smilies/16x16_smiley-wink.png" alt="Smiley Wink" title="Smiley Wink" /> devices? Check <A href="https://www.eset.com/int/kr00k/" target="_blank" rel="noopener">here</A>. For more info watch the RSA Conference presentation <A href="https://www.rsaconference.com/usa/agenda/kr00k-how-kracking-amazon-echo-exposed-a-billion-vulnerable-wifi-devices" target="_blank" rel="noopener">here</A>.</P> Mon, 09 Oct 2023 09:27:25 GMT AppDefects 2023-10-09T09:27:25Z https://community.isc2.org/t5/Tech-Talk/Kr00k-Broadcom-Cypress-WiFi-Chip-Vulnerability/m-p/33297#M2407 <P>Happy Monday!&nbsp;</P><P>&nbsp;</P><P>CVE-2019-15126 or more affectionately "Krook" is a vulnerability in Broadcom and Cypress Wi-Fi chips that allows unauthorized decryption of some WPA2-encrypted traffic. These are the most common Wi-Fi chips used by well-known manufacturers including Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy).&nbsp;Wi-Fi Access points and routers are also affected by Kr00k, making even environments with patched client devices vulnerable. All-in-all, before patching there were more than a billion affected devices.&nbsp;What is the state of patching of Kr00k for iOS, MacOS, Cisco, and Huawei <IMG id="smileywink" class="emoticon emoticon-smileywink" src="https://community.isc2.org/i/smilies/16x16_smiley-wink.png" alt="Smiley Wink" title="Smiley Wink" /> devices? Check <A href="https://www.eset.com/int/kr00k/" target="_blank" rel="noopener">here</A>. For more info watch the RSA Conference presentation <A href="https://www.rsaconference.com/usa/agenda/kr00k-how-kracking-amazon-echo-exposed-a-billion-vulnerable-wifi-devices" target="_blank" rel="noopener">here</A>.</P> Mon, 09 Oct 2023 09:27:25 GMT https://community.isc2.org/t5/Tech-Talk/Kr00k-Broadcom-Cypress-WiFi-Chip-Vulnerability/m-p/33297#M2407 AppDefects 2023-10-09T09:27:25Z