Cyber security news for all

More

    Numerous Apple devices are attacked from a short distance via Bluetooth

    The new security notice, which draws attention to a new vulnerability in the Bluetooth interface is actually only given a medium risk level. However, it does not appear to be quite as harmless. For affected devices, experts recommend that you no longer use the Bluetooth function until a security update closes the vulnerability. An attacker can apparently connect to the connection between the paired devices.

    Not only Apple devices are affected, but also other users of Intel and Samsung too. In addition to notebooks and Android smartphones, routers are also among the affected devices. The security vulnerability is also known as BIAS (Bluetooth Impersonation Attacks).

    Attackers Gain Access To Additional Bluetooth Functions

    Protection is supposed to offer a secure authentication procedure, but according to security researchers it is possible for an attacker to use the pairing process for attacks. Both the configuration methods Bluetooth Low Energy and Basic Rate Core Configuration are affected. Both types of configuration can be attacked. With the latter, the attacker is given the opportunity to gain access to additional Bluetooth functions. However, these are only available after confirmation by the user. Obviously, the danger posed by the security vulnerability is only limited. The range of Bluetooth is also quite limited, which makes attacks more difficult. Apple should close the vulnerability as soon as possible.

    The security researchers of PDF say that the attack pattern looks like this: The attacker pretends to have a trustworthy device and also claims to support one sided authentication. A request is then sent that the attacker device wants to switch roles to take control of the authentication process. Now comes the security flaw: The device under attack agrees to this and the attacker gains control. Fortunately, the vulnerability was discovered and the Bluetooth Special Interest Group was informed as early as possible. This allowed the standard to be adjusted and the manufacturers to be informed in order to develop patches.

    Recent Articles

    Millions of RDP attacks on home offices

    Since the corona related move to the home office, the number of daily hacker attacks on remote desktop connections has increased more than tenfold....

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox