Wired

YubiKeys Are a Security Gold Standard—but They Can Be Cloned

The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-sized device vulnerable to cloning when ...
The Verge

YubiKeys have an unfixable security flaw — but it’s difficult to exploit

Posts from this topic will be added to your daily email digest and your homepage feed. The vulnerability impacts almost all older YubiKey security tokens. The vulnerability impacts almost all older ...
Forbes

Yubico Issues YubiKey Manager Security Alert For Windows Users

When it comes to user authentication, there are many options available, from passwords at the weaker end of the security spectrum to hardware keys at the other. But what if the hardware security key ...
Bleeping Computer

New Eucleak attack lets threat actors clone YubiKey FIDO keys

A new "EUCLEAK" flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico's YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm ...
Ars Technica

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

That's a bad tradeoff that mostly leads to people continuing to use vulnerable products. Instead they should support digitally signed firmware updates, perhaps zeroizing existing keys during the ...
TechRepublic

Hardware-bound passkeys are still ultimate in security: Yubico VP

Hardware-bound passkeys are still ultimate in security: Yubico VP Your email has been sent Derek Hanson, Yubico’s VP of standards and alliances and an industry expert on passkeys, discusses why device ...