As we are living the "fallout" from the recently disclosed KRACK (Key Reinstallation AttaCK) vulnerabilities, I would like to know if anyone has any additional information or insights about it and also what Check Point has to say about it...
KRACK is an attack that targets the WPA2 (Wi-Fi Security Protocol) 4-way handshake and allows the attacker to do many nasty things like MITM, SSL strip, inject malicious data into communications, etc. The big issue here is that almost every implementation of WPA2 is affected, so all(most) of our Wi-Fi enabled devices (including our loved IoT) are at risk.
Details about the KRACK (official website):
Any additional thoughts here are welcome, including advisories about mitigations and what to do.