- Joined
- May 28, 2019
- Messages
- 8,120
- Points
- 113
Researchers have discovered critical Bluetooth vulnerabilities that could potentially affect billions of devices around the world. The newly discovered exploits are categorized as Bluetooth Forward and Future Secrecy Attacks and Defenses, or BLUFFS for short. A researcher at EURECOM published a paper on them detailing how an attacker can utilize a man-in-the-middle (MITM) technique to impersonate a paired device using four flaws in the key derivation process. Once that stage is achieved the attacker can then brute-force attack the device(s) to further decrypt the key for access. The vulnerabilities affect BT 4.2 through the current BT 5.4 version and technically cannot be patched out. However, it's not all bad news as it's possible to mitigate the vulnerabilities with increased security settings. The Bluetooth SIG has posted its statement regarding the findings in a new security bulletin.
See full article...
See full article...