New Blast-RADIUS attack exploits 30-year-old protocol vulnerability

Ars Technica — July 9, 2024, 09:00 PM UTC

Summary: A new Blast-RADIUS attack exploits the 30-year-old RADIUS protocol's use of MD5 for authentication, affecting networks worldwide. RADIUS is crucial for VPNs, ISPs, Wi-Fi, cellular roaming, and more. Despite MD5's known vulnerabilities since 2004, RADIUS has not been updated. The attack allows adversaries to gain administrator access to devices. Security bulletins from 90 vendors are being issued with patches and long-term solutions in progress.

Full article

Article metrics

Significance6.0

Scale & Impact0.0

Positivity2.0

Credibility7.8

What is this?

This is article metrics. Combined, they form a significance score, that indicates how important the news is on a scale from 0 to 10.

My algorithm scores 10,000 news articles daily, and creates a single significance-ordered list of news.

Read more about how I calculate significance, or see today's top ranked news on the main page:

See today's news rankings

Timeline:

[2.8]
Critical RADIUS protocol vulnerability, BlastRADIUS, exposes networking equipment (Help Net Security)
104d 14h
Source