Researchers find BrakTooth flaws affect billions of Bluetooth Devices
By MYBRANDBOOK
According to news reports, Singapore University of Technology and Design researchers have revealed a family of 20 vulnerabilities, which they collectively dubbed BrakTooth, that affect more than 1,400 products based on 13 different Bluetooth devices sold by 11 of the world's leading vendors.
The security flaws were confirmed to affect 1,400 smartphones, laptops, keyboards, headphones, and other Bluetooth-enabled devices. But that's a minimum. BrakTooth can reportedly be exploited to conduct denial of service (DoS) attacks and enable arbitrary code execution (ACE) on target devices. DoS attacks can disrupt the victim's Bluetooth connection or, in some cases, require Bluetooth connectivity to be restarted manually. ACE can be used to erase user data, disable wireless connectivity, or interact with other devices.
BrakTooth only enables ACE on the ESP32 system on chip (SoC) made by Espressif Systems. The bad news: The ESP32 is commonly found in Internet of Things (IoT) devices as well as industrial systems. The SoC is so common that the researchers' proof of concept exploit actually uses an ESP32 development kit to conduct attacks on target devices.
The researchers said they disclosed BrakTooth to all of the affected vendors. Some companies have already released firmware patches to address the vulnerability, others are investigating the issue, and a few have said they don't plan to fix the flaw.
The researchers said they don't plan to publicly release the full proof of concept exploit until the end of October 2021 because that's when Intel is supposed to patch its devices. They did, however, release instructions for "a low-cost BT Classic (BR/EDR) Active Sniffer" that will use the proof of concept exploit when it's released.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
ICONS OF INDIA : SACHIN BANSAL
Sachin Bansal is an Indian entrepreneur. He is best known as the found...
Icons Of India : Deepak Sharma
Deepak Sharma spearheads Schneider Electric India. He brings with him ...
ICONS OF INDIA : RISHAD PREMJI
Rishad Premji is Executive Chairman of Wipro Limited, a $11.3 billion ...
CSC - Common Service Centres
CSC initiative in India is a strategic cornerstone of the Digital Indi...
PFC - Power Finance Corporation Ltd
PFC is a leading financial institution in India specializing in power ...
DRDO - Defence Research and Development Organisation
DRDO responsible for the development of technology for use by the mili...
Indian Tech Talent Excelling The Tech World - Lal Karsanbhai, President & CEO, Emerson
Lal Karsanbhai, President and CEO of Emerson, assumed the leadership i...
Indian Tech Talent Excelling The Tech World - Shantanu Narayen, CEO- Adobe Systems Incorporated
Shantanu Narayen, CEO of Adobe Systems Incorporated, is renowned for h...
Indian Tech Talent Excelling The Tech World - George Kurian, CEO, Netapp
George Kurian, the CEO of global data storage and management services ...