Author : Peter Hunt
On September 3, 2019, the ASSET Research Group published their discovery of three security vulnerabilities in the Wi-Fi protocol code used in the popular ESP32 and ESP8266 chipsets from Espressif, specifically relating to the extensible authentication protocol (EAP).
Providing IoT security is an ongoing effort, not a one-time process. New threats will always emerge. The latest vulnerability to present itself is the Key Reinstallation Attack (KRACK), which exploits a vulnerability in the WPA2 protocols that are commonly used on Wi-Fi networks. The vulnerability allows attackers to intercept and inspect data that was encrypted by the Wi-Fi network.