Researchers find BrakTooth flaws affect billions of Bluetooth Devices
By MYBRANDBOOK
According to news reports, Singapore University of Technology and Design researchers have revealed a family of 20 vulnerabilities, which they collectively dubbed BrakTooth, that affect more than 1,400 products based on 13 different Bluetooth devices sold by 11 of the world's leading vendors.
The security flaws were confirmed to affect 1,400 smartphones, laptops, keyboards, headphones, and other Bluetooth-enabled devices. But that's a minimum. BrakTooth can reportedly be exploited to conduct denial of service (DoS) attacks and enable arbitrary code execution (ACE) on target devices. DoS attacks can disrupt the victim's Bluetooth connection or, in some cases, require Bluetooth connectivity to be restarted manually. ACE can be used to erase user data, disable wireless connectivity, or interact with other devices.
BrakTooth only enables ACE on the ESP32 system on chip (SoC) made by Espressif Systems. The bad news: The ESP32 is commonly found in Internet of Things (IoT) devices as well as industrial systems. The SoC is so common that the researchers' proof of concept exploit actually uses an ESP32 development kit to conduct attacks on target devices.
The researchers said they disclosed BrakTooth to all of the affected vendors. Some companies have already released firmware patches to address the vulnerability, others are investigating the issue, and a few have said they don't plan to fix the flaw.
The researchers said they don't plan to publicly release the full proof of concept exploit until the end of October 2021 because that's when Intel is supposed to patch its devices. They did, however, release instructions for "a low-cost BT Classic (BR/EDR) Active Sniffer" that will use the proof of concept exploit when it's released.
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Paytm brings UPI Lite Wallet for low-value transactions
Paytm’s parent company One97 Communications (OCL) is emphasizing upon UP...
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
DRUVA SOFTWARE PVT. LTD.
FINOLEX INDUSTRIES LTD.
INFOSYS TECHNOLOGIES PVT. LTD.
SECUREYE SERVICES PVT. LTD.
Technology Icons Of India 2023: Nandan Nilekani
Nandan Nilekani is the Co-Founder and Chairman of the Board, Infosys T...
Technology Icons Of India 2023: Nikhil Rathi
Nikhil Rathi, Co-founder & CEO of Web Werks, a global leader in Data C...
Technology Icons Of India 2023: Sridhar Vembu
Sridhar Vembu is an Indian billionaire business magnate and the Founde...
CERT-IN protecting the cyber security space of India
CERT-In serves in the area of cyber security threats like hacking and ...
BEL leveraging next generation technologies to keep the country ahead in Defence space
Bharat Electronics Limited (BEL) is a Navratna PSU under the Ministry ...
GSTN aims to integrate indirect tax ecosystem on a shared IT infrastructure
Goods and Services Tax Network (GSTN) has built Indirect Taxation plat...
SATCOM INFOTECH PVT. LTD.
Satcom Infotech Pvt. Ltd is a distribution houses in security in India...
Crayon Software Experts India Pvt Ltd
Crayon helps its customers build the commercial and technical foundati...
SAVEX TECHNOLOGIES PVT. LTD.
Savex Technologies is the 3rd largest Information & Communication Tec...