Engadget

YubiKey vulnerability will let attackers clone the authentication device

NinjaLab, a security research company, has discovered a vulnerability that would allow bad actors to clone YubiKeys. As the company has explained in a security advisory, NinjaLab found a vulnerability ...
Wired

YubiKeys Are a Security Gold Standard—but They Can Be Cloned

The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-sized device vulnerable to cloning when ...
TechSpot

Newly discovered flaw makes some YubiKeys vulnerable to cloning

In context: The YubiKey is a hardware security key that simplifies two-factor authentication. Instead of receiving codes via text or an app, users simply tap the YubiKey when logging into accounts, ...
CSOonline

Hackers are cloning YubiKeys via new side-channel exploit

Rated of moderate severity, the flaw affects YubiKey 5 series and Security Key Series with firmware earlier than version 5.7, and YubiHSM 2 versions prior to 2.4.0. And the devices are impossible to ...
Redmond Magazine

Microsoft and Yubico Preview Certificate-Based Authentication for Mobile Devices Using Security Keys

Microsoft on Wednesday announced a preview of Azure Active Directory Certificate-Based Authentication (CBA) support for Android and iOS devices using hardware security keys. The Azure AD CBA support ...