Academic researchers have uncovered security vulnerabilities in Bluetooth Classic that allows attackers to spoof paired devices: They found that the bugs allow an attacker to insert a rogue device into an established Bluetooth pairing, masquerading as a trusted endpoint. This allows attackers to capture sensitive data from the other device. The bugs allow Bluetooth Impersonation Attacks (BIAS) on everything from internet of things (IoT) gadgets to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne (EPFL) in France. The flaws are not yet patched in the specification, though some affected vendors may have implemented workarounds.
Experts Comments
Linkedin Message
@Javvad Malik, Security Awareness Advocate, provides expert commentary at @Information Security Buzz.
"However, the saving grace for many is that in order to work, the attacker has to be within Bluetooth range...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/bluetooth-bugs-allow-impersonation-attacks-on-legions-of-devices-experts-reaction
Facebook Message
@Javvad Malik, Security Awareness Advocate, provides expert commentary at @Information Security Buzz.
"However, the saving grace for many is that in order to work, the attacker has to be within Bluetooth range...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/bluetooth-bugs-allow-impersonation-attacks-on-legions-of-devices-experts-reaction
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Chris Hauk, Consumer Privacy Champion, provides expert commentary at @Information Security Buzz.
"Phone manufacturers may have updated their devices to fix the Bluetooth security issue...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/bluetooth-bugs-allow-impersonation-attacks-on-legions-of-devices-experts-reaction
Facebook Message
@Chris Hauk, Consumer Privacy Champion, provides expert commentary at @Information Security Buzz.
"Phone manufacturers may have updated their devices to fix the Bluetooth security issue...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/bluetooth-bugs-allow-impersonation-attacks-on-legions-of-devices-experts-reaction