DUHK Attack Lets Hackers Recover Encryption Key Used in VPNs & Web Sessions

DUHK — Don’t Use Hard-coded Keys — is a new ‘non-trivial’ cryptographic implementation vulnerability that could allow attackers to recover encryption keys that secure VPN connections and web browsing sessions. DUHK is the third crypto-related vulnerability reported this month after KRACK Wi-Fi attack and ROCA factorization attack.

Read full news article on The Hacker News