Security News

Bluetooth vulnerabilities that a Google security researcher has identified in the Linux kernel could be exploited to run arbitrary code or access sensitive information. The most severe of these flaws is CVE-2020-12351, a heap-based type confusion that affects Linux kernel 4.8 and higher.

When, say, an iPhone is getting ready to pair up with a Bluetooth-powered device, CTKD's role is to set up two separate authentication keys for that phone: one for a "Bluetooth Low Energy" device, and one for a device using what's known as the "Basic Rate/Enhanced Data Rate" standard. Different devices require different amounts of data - and battery power - from a phone.

A team of academic researchers has discovered a Bluetooth Low Energy vulnerability that allows spoofing attacks that could affect the way humans and machines carry out tasks. It potentially impacts billions of Internet of Things devices, researchers said, and remains unpatched in Android devices.

A "hack-proof" smart padlock with security based on blockchain technology could be defeated by a simple Bluetooth replay attack - or a 1kg lump hammer. Its unique selling point is that the padlock can be locked and unlocked using an app that transmits over a Bluetooth Low Energy connection, rather than a physical key or combination lock.

Named BLURtooth, aka CVE-2020-15802, the flaw was present in the Bluetooth BR/EDR from specification version 4.2 to 5.0. The latest version of the Bluetooth spec is 5.2.

There are two types of Bluetooth protocols related to the attack - the older Bluetooth Classic and the newer Bluetooth Low Energy. The process of CTKD is utilized when two dual-mode devices pair with each other - "dual-mode" meaning that they support both BLE and BR/EDR. The process means the devices only need to pair over either BLE or BR/EDR to get the encryption keys - called Link Keys - for both transport types in one go.

Bluetooth SIG - an organization that oversees the development of Bluetooth standards - today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of academic researchers, the flaw resides in the Cross-Transport Key Derivation of devices supporting both the Basic Rate/Enhanced Data Rate and Bluetooth Low Energy standards.

A security vulnerability in the Cross-Transport Key Derivation of devices supporting both Bluetooth BR/EDR and LE could allow an attacker to overwrite encryption keys, researchers have discovered. The implementation of CTKD in older versions of the specification "may permit escalation of access between the two transports with non-authenticated encryption keys replacing authenticated keys or weaker encryption keys replacing stronger encryption keys," the Bluetooth Special Interest Group explains.

As first reported by Ars Technica, Bridgefy was promoting itself earlier this year as the app of choice for protesters in Hong Kong and India to organise their activities without being easily spied upon by law enforcement agencies. The app uses both the internet and Bluetooth Low Energy for passing messages between users, falling back to the latter as a mesh network if wider internet connectivity is unavailable.

Offensive Security has released Kali Linux 2020.3, the latest iteration of the popular open source penetration testing platform. Kali NetHunter - Kali's mobile pentesting platform/app - has been augmented with Bluetooth Arsenal, which combines a set of Bluetooth tools in the app with pre-configured workflows and use cases.