As Robin Wilton discussed a few days ago in Roca: Encryption Vulnerability and What to do About It, yet another security vulnerability has been discovered. If you have one of the ISOC-branded Yubikey 4s that we have given out at some conferences, they were affected by the recently disclosed Infineon vulnerability. See these two links for details:
This issue impacts only some limited uses of the keys. For details, see
You can get your ISOC-branded Yubikey 4 replaced at no cost to you by going to this page and following the instructions.
If you have questions or concerns, please contact Steve Olshansky, Internet Technology Program Manager, at <email@example.com>.