// Security NEWS // A Flaw in Yubikey Security Keys Allows Identity Theft
Due to cryptographic weakness, Yubikey FIPS keys with 4.4.2 or 4.4.4 firmware are eligible for free replacement by the supplier.
Source
Yubico has detected a security breach in Yubikey FIPS security keys with firmware versions 4.4.2 or 4.4.4, some cryptographic elements of these models are predictable and, in some situations, would allow an attacker to rebuild FIDO U2F private keys.
It would then be possible to usurp the user's identity on the services in question. An attacker could also retrieve single-use codes or reconstruct secret keys used to sign documents.
These attacks would not be easy to perform and would require malware to be installed on the computer. But since the clients of Yubikey FIPS models are mainly American government agencies, this risk is not to be taken lightly.
Yubico therefore offers a free replacement of vulnerable FIPS keys. Other key ranges are not affected by this problem.
Yubico has discovered and fixed an issue with our YubiKey FIPS Series keys, see the following Advisory for technical details and information on how to obtain a free replacement device. No other YubiKey, Security Key or Yubico products are affected. https://www.yubico.com/support/security-advisories/ysa-2019-02/ ...
Security Advisory YSA-2019-02 Reduced initial randomness on FIPS keys Summary Who should read this advisory? Customers, IT Managers, or FIPS Crypto Officers who use or manage YubiKey FIPS Series...
See the Affected Scenarios in this advisory for information about what types of use cases might be affected by this issue.
And see the Technical Details section for additional information.
They say: We are not aware of any security breaches due to this issue and are committed to always improve how we help protect our customers and continuously invest in making our products even more secure. Hopefully!
Yubico is not the only one to have returned security keys. Last May, Google also implemented a replacement program for some Titan security keys, due to a flaw in the implementation of the Bluetooth Low Energy protocol.
Source: Yubico
I've made a lot of articles with tools, explanations and advises to show you how to protect your privacy and to secure your computer, GO check them out!
This is my guide To Secure your PC after a fresh installation of Windows
If you think that your Phone or your PC has been hacked, you have to check it right now!
That's how you can be more Anonymous on the internet!
The Future of Cyber-Security, what to expect?
The best Crypto debit card – Wirex!
These are the best VPN to protect your numeric life: NordVPN, ExpressVPN and CyberGhost!
Your PC is slow? That's why!
Why is it important to Be Discreet on the Internet
What Do Tech Giants Know About You? A New Tool To Get An Idea!
Feel hot? Your Computer also!
How an Adware works?
That's how you should guard against Trojan!
What are the different Types of hackers?
These are magical and classic, friend.