DUHK Attack Lets Hackers Recover Encryption Key Used in VPNs & Web Sessions
DUHK — Don’t Use Hard-coded Keys — is a new ‘non-trivial’ cryptographic implementation vulnerability that could allow attackers to recover encryption keys that secure VPN connections and web browsing sessions.
DUHK is the third crypto-related vulnerability reported this month after KRACK Wi-Fi attack and ROCA factorization attack.
The vulnerability affects products from dozens of vendors,
Continue reading DUHK Attack Lets Hackers Recover Encryption Key Used in VPNs & Web Sessions