How Do Password Managers Work and Why Do You Need One? techrepublic.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from techrepublic.com Daily Mail and Mail on Sunday newspapers.
UTSA was awarded a $500k grant from Google in order to expand a cybersecurity clinic dedicated to preparing students who will be going into the cybersecurity workforce. The cybersecurity clinic joins UTSA’s cybersecurity B.B.A. program, which is one of the best in the nation. “Cybersecurity threats are growing and impact every element of a community,”.
The vulnerability allows threat actors to recover the encryption key used by the hardware security key to generate cryptographic tokens for two-factor authentication (2FA) operations.
Once obtained, the two security researchers say the ECDSA private key would allow threat actors to clone Titan, YubiKey, and other keys to bypass 2FA procedures.
Attack requires physical access
However, while the attack sounds disastrous for Google and Yubico security key owners, its severity is not what it seems.
In a 60-page PDF report, Victor Lomne and Thomas Roche, researchers with Montpellier-based NinjaLab, explain the intricacies of the attack, also tracked as
CVE-2021-3011.