Cyber security news for all

More

    Cyberattack method was described that exploit weaknesses in the classic Bluetooth protocol

    Security researchers of Bluetooth describe gaps in the authentication process of the classic Bluetooth devices that allow a third party device to connect to a nearby device.

    The crux of the matter is the so called pairing when establishing a connection between Bluetooth device. So that a user does not always have to confirm a connection between a smartphone and headphones, a long-term secret key is agreed upon the first connection. This is then sufficient for future connections.

    The researchers have now succeeded in faking a Bluetooth device into the identity of another device that has already been paired, and thus establishing a connection. Before that, an attacker can create a pairing process between two devices and thus learn public information such as the Bluetooth name, addresses, protocol version numbers and capabilities. Here’s the list of the devices tested:

    The Discoverers Call The Attack Method BIAS (Bluetooth Impersonation Attacks)

    Numerous Bluetooth devices and chips are affected because the problem is due to the classic Bluetooth protocol, which practically all devices such as smartphones, tablets and laptops use. The security experts successfully carried out the attack on Bluetooth devices, including iPhone, various notebooks and pixel smartphones.

    The problem was discovered and reported to the Bluetooth Special Internest Group at the end of last year. The group then adapted the Bluetooth core specification. However, firmware updates for the Bluetooth chips are now required. So far, the researchers have not been able to say whether these have already occurred. Apple has not yet released more information on patched security holes for the iOS update.

    To what extent the security vulnerability demonstrated is really being used in practice is unclear. Attacks do not work worldwide, but only within the reception range of Bluetooth devices, which is usually close to 10 meters with a clear view. If you want to protect yourself better, you should switch off Bluetooth when you don’t need it.

    Recent Articles

    Unauthorized access at Scalable Capital

    There has apparently been unauthorized access to individual data at Scalable Capital. The company informed its customers about the incident by mail yesterday, referring...

    The US accuses Russian officers of being in charge for cyber attacks

    The US government has brought charges against Russians who are alleged to have been involved in various cyber attacks as officers of the military...

    Twitter changed its rules for dealing with hacked data

    On Friday night, access to Twitter was disconnected for about two hours. The Chief Engineer announced that the reason was a rebuild in the...

    Norway sees Russia as the perpetrator of the cyber attack

    "It is important that our government refuses to send the Russians a clear sign that we do not know," said the Norway government. According...

    Phishing mail with an incorrect form for Corona bridging aid

    The representation of the European Commission warned of a phishing attempt targeting small and medium sized enterprises. Under the pretext for corona bridging aid,...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox