104
Bluetooth security flaws reveals all devices launched after 2014 can be hacked (lemmy.world)
submitted 11 months ago* (last edited 11 months ago) by bless@lemmy.world to c/cybersecurity@lemmy.capebreton.social
16 comments fedilink hide all child comments

  • Security researchers have discovered new Bluetooth security flaws that allow hackers to impersonate devices and perform man-in-the-middle attacks.

  • The vulnerabilities impact all devices with Bluetooth 4.2 through Bluetooth 5.4, including laptops, PCs, smartphones, tablets, and others.

  • Users can do nothing at the moment to fix the vulnerabilities, and the solution requires device manufacturers to make changes to the security mechanisms used by the technology.

Research paper: https://dl.acm.org/doi/pdf/10.1145/3576915.3623066

Github: https://github.com/francozappa/bluffs

CVE: https://nvd.nist.gov/vuln/detail/CVE-2023-24023

you are viewing a single comment's thread
view the rest of the comments
[-] XbSuper@lemmy.world 3 points 11 months ago

Could they possibly intercept a call between a smartwatch and phone, during a gpay or apple pay? This is the biggest concern I have, as I use my watch to pay for everything.

[-] andrew_bidlaw@sh.itjust.works 1 points 11 months ago

Depends on how often they contact each other, I guess. Is phone even needed to do so once you authorized the watch? Can you pay with your phone being anywhere else?

this post was submitted on 01 Dec 2023
104 points (99.1% liked)

Cybersecurity News

1326 readers
1 users here now

Welcome to Cybersecurity News!

A community that collect news and other tidbits related to cybersecurity in all its domains.

There are no hard and fast rules regarding what to post here-- we are fine with both pop news articles and more technical pieces regarding cybersecurity.

We use a bot called flynnbot to repost some rss feed content but the majority of posts are human-curated.

New to Cybersecurity?

Here are some resources to get you started:

Related Communities

!security_cpe@infosec.pub
!cybersecurity@zerobytes.monster
!packetstorm@zerobytes.monster
!security@programming.dev
!secops@lemmy.world
!cybersecurity@sh.itjust.works
!netsec@zerobytes.monster
!securitynews@infosec.pub
!cloudsecurity@infosec.pub
!netsec@links.hackliberty.org
!cybersecurity@infosec.pub
!cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS
videodrome@lemmy.capebreton.social
flynnbot@lemmy.capebreton.social