cybersecurity

3238 readers

1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 1 year ago

MODERATORS

[email protected]

Bluetooth security flaws reveals all devices launched after 2014 can be hacked (lemmy.world)

submitted 11 months ago* (last edited 11 months ago) by [email protected] to c/[email protected]

1 comments fedilink hide all child comments

Security researchers have discovered new Bluetooth security flaws that allow hackers to impersonate devices and perform man-in-the-middle attacks.
The vulnerabilities impact all devices with Bluetooth 4.2 through Bluetooth 5.4, including laptops, PCs, smartphones, tablets, and others.
Users can do nothing at the moment to fix the vulnerabilities, and the solution requires device manufacturers to make changes to the security mechanisms used by the technology.

Research paper: https://dl.acm.org/doi/pdf/10.1145/3576915.3623066

Github: https://github.com/francozappa/bluffs

CVE: https://nvd.nist.gov/vuln/detail/CVE-2023-24023

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 15 points 11 months ago

Oh fun.

And disabling Bluetooth on phones isn't really a viable option these days because so many people use Bluetooth headphones because of the removal of headphone jacks/the convenience of Bluetooth earphones.

Thankfully the devices I look after are mainly iOS, windows, and macos, so patches should be available in due time.

People with old Android devices are going to be left out in the cold sadly. Thankfully my Samsung s21 is still in support.