Cyber security news for all

More

    Security gaps in Bluetooth low-energy implementation systems

    When it comes to vulnerabilities, most people will think of the internet first. This is in fact the greatest source of danger, but by no means the only one, because malware or hackers can also exploit errors in other device connections.

    3 Taiwanese security researchers, known as Sweyntooth have announced bugs in the implementation of Bluetooth low-energy technology in the system on-chips of various manufacturers. The good news: Before the release of their proof-of concept, the discoverers gave the producers time to provide patches. Four of the companies mentioned that they have already done this. In addition, the researchers consider only one of the security vulnerabilities to be critical, while the rest only freeze or crash the devices.

    Bluetooth vulnerabilities

    Bluetooth-Enabled Devices That Are Installing The Affected Chips

    But there is also bad news: There are countless manufacturers on the market for Bluetooth-enabled devices that are installing the affected chips. It is therefore difficult to determine which and how many devices are vulnerable in this way. All device types from wearables and smart home applications to medical products are probably affected. It is also difficult to assess whether the patches are already available that have actually been imported.

    The security researchers name seven chip manufacturers affected in their publication, but at the same time emphasize that their list is not exhaustive. Other manufacturers not mentioned are not necessarily safer. In addition, users must first check which chip has been installed in their device and then hope that the manufacturer of the device will also pass on the update from the chip manufacturer.

    How Bad Are The Security Gaps Really?

    First, let’s take a closer look at the critical vulnerability. This is a bug when connecting new devices via Bluetooth, which enables attackers to bypass the actually intended, secure authentication process. In this way, they could gain both read and write access. Fortunately, only one manufacturer’s chip is affected by this problem. In addition, the attacker must be in close proximity to the device to connect. Attacks from a distance are thus already ruled out.

    Recent Articles

    Millions of RDP attacks on home offices

    Since the corona related move to the home office, the number of daily hacker attacks on remote desktop connections has increased more than tenfold....

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox