Threat Post

FreeRADIUS Update Resolves Authentication Bypass

Developers behind FreeRADIUS, an open source implementation of the networking protocol RADIUS, are encouraging users to update to address an authentication bypass found in the server. Developers ...
Bleeping Computer

New Blast-RADIUS attack bypasses widely-used RADIUS authentication

Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks. Many networked devices ...
Linux Journal

Paranoid Penguin - Securing WLANs with WPA and FreeRADIUS, Part I

Are you worried about the security of your 802.11b wireless local area network (WLAN) because you're using plain-old wired equivalent privacy (WEP)? If you're still relying on WEP alone, you should be ...
CSOonline

MD5 attack puts RADIUS networks everywhere at risk

A design flaw in the decades-old RADIUS authentication protocol allows attackers to take over network devices from a man-in-the-middle position by exploiting MD5 hash collisions. The “secure enough” ...