all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Attack vectors on Yubikeys?

Add to bookmarks
May 9, 2023, 4:56 p.m. | /u/madGeneralist

cybersecurity www.reddit.com

I’m looking into what possible ways could yubikeys be bypassed, hacked, or tricked.

My understanding is that Yubikeys have credentials bound to the URL of registration, meaning a phishing site would not be able to pull credentials if the user is tricked.
Now I’m wondering, is there a way to “trick” the yubikey into thinking your website is the actually one tied to the account? (Dunno, DNS spoofing/poisoning?)

What happens if it gets stolen? (I know if you have them …

attack attack vectors credentials cybersecurity hacked phishing registration thinking understanding url yubikey

Visit resource

More from www.reddit.com / cybersecurity

Tryhack me and HTB 4 hours ago | www.reddit.com
advice cybersec cybersecurity experience +8
CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation 4 hours ago | www.reddit.com
cisa cybersecurity exploitation flaw +7
Millions of Docker repos found pushing malware,phishing sites 5 hours ago | www.reddit.com
cybersecurity
NCSC Guidance - Business email compromise: defending your organisation 8 hours ago | www.reddit.com
attacks budget business business email compromise +14
Federal Hiring Practices Revisited for Cyber Professionals? 8 hours ago | www.reddit.com
article cybersecurity experience hiring +5
CySA+ difficulty 8 hours ago | www.reddit.com
aim clear cybersecurity cysa +7
GeekWire: Generative AI is a dual concern for cybersecurity industry — and will drive increased … 11 hours ago | www.reddit.com
cybersecurity cybersecurity industry demand drive +4
Forbes Council Post: The Danger Of Zombie Leaks 11 hours ago | www.reddit.com
council cybersecurity forbes leaks +1
Change Healthcare hacked using stolen Citrix account with no MFA 11 hours ago | www.reddit.com
account change change healthcare citrix +5

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Architect - Northwest region (Remote)

@ GuidePoint Security LLC | Remote
View on infosec-jobs.com

Senior Consultant, Cyber Security Architecture

@ 6point6 | Manchester, United Kingdom
View on infosec-jobs.com

Junior Security Architect

@ IQ-EQ | Port Louis, Mauritius
View on infosec-jobs.com

Senior Detection & Response Engineer

@ Expel | Remote
View on infosec-jobs.com

Cyber Security Systems Engineer ISSE Splunk

@ SAP | Southbank (Melbourne), VIC, AU, 3006
View on infosec-jobs.com
View more jobs