WiFicalypse continued
Table of contents
Crack of WPAv1 / WPAv2 Pre-shared keys
As announced some days ago in Hashcat forum a new method was found to crack WPAv1 / WPAv2 Pre-shared keys. The method speeds up the time to crack WPAv1 / WPVA2 Pre-sharded keys because an attcker does not need to wait for network traffic and the four-way handshake process (EAPOL - Extensible Authentication Protocol over LAN).
Cisco Security Advisory
Cicso just announced some hours ago the Informational Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180809-wpa2 that their products are not affected due to the lack of PMKID (Pairwise master key identifier) support.
However Cisco recommends:
When possible, migrate to 802.1x from any Wi-Fi authentication mechanism that
uses a PSK. Cisco does not recommend using a PSK as an authentication mechanism,
and its use should be relegated to specific compatibility scenarios
If migrating from a PSK to 802.1x is not possible, configure a strong PSK with
a minimum length of 18 characters or more
News articles
See also some news article at The Register Security (english) and Heise Online Security (german).