The level and speed of innovations taking place in the biotech industry are baffling. On the one hand, it makes us hopeful we can quickly reduce the number of illnesses and their consequences through technological advancement—saving thousands of lives. On the other, concerns about the application of Internet-connected technology leave us wondering: at what c

Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. A group of researchers has discovered multiple vulnerabilities, tracked as SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. The group was co

byPaul DucklinA trio of researchers from Singapore just published a paper detailing a number of security holes they discovered in Bluetooth chips from several different vendors.The good news is that they disclosed the holes responsibly back in 2019 and waited 90 days – a sort-of industry standard period popularised by Google’s Project Zero team &

Google addressed a critical vulnerability in its Android OS that affects the Bluetooth subsystem and could be exploited without user interaction. Google has addressed a critical flaw in Android OS that affects the Bluetooth subsystem and could be exploited without user interaction. The vulnerability tracked as CVE-2020-0022 is a remote code execution

Security researchers with Pen Test Partners have discovered a vulnerability in the Lovense Hush sex toys, an IoT-enabled butt plug. The recent discovery that internet connected sex toys have major security and privacy flaws should come as no shock but this does raise the issue of how to both satisfy the consumer’s needs while providing maximum protection.  T

by Vít Šembera (Cyber Threat Researcher) BlueBorne is a set of vulnerabilities affecting the implementation of Bluetooth in iOS, Android, Linux, Windows and Mac OS* devices. According to the researchers who uncovered them, BlueBorne affects around 5.3 billion Bluetooth-enabled devices. The immediate mitigation for BlueBorne is to patch the device, if there’s

This blog has featured several stories about “overlay” card and PIN skimmers made to be placed atop Ingenico-brand card readers at store self-checkout lanes. I’m revisiting the topic again because a security technician at a U.S.-based retailer recently shared a few photos of several of these devices pulled from compromised card terminals, a

Most users take Bluetooth security for granted. When you’re enjoying the convenience of hands-free phone conversations, streaming podcasts in your car or jogging with your awesome new wireless headphones, do you need to worry about whether the communication channel is secure or not? What’s acceptable for consumers may not meet corporate standards

This blog has featured several stories about payment card skimming devices designed to be placed over top of credit card terminals in self-checkout lanes at grocery stores and other retailers. Many readers have asked for more details about the electronics that power these so-called “overlay” skimmers. Here’s a look at one overlay skimmer  e

Crooks who deploy skimming devices made to steal payment card details from fuel station pumps don’t just target filling stations at random: They tend to focus on those that neglect to deploy various tools designed to minimize such scams, including security cameras, non-standard pump locks and tamper-proof security tape. But don’t take my word for

Internal workshops are one of the reoccurring events at ERNW, that help us to gain knowledge in areas outside our usual expertise. One of the recent workshops which happened during the week from August 22nd-25th was Hardware Hacking. Held by Brian Butterly (@BadgeWizard) and Dominic Spill (@dominicgs), this workshop took place in two parts. Brian kickstarted

Security Researchers demonstrated at the Def Con hacker conference how it is easy to open some Bluetooth-based smart locks. Last week security researchers Ben Ramsey and Anthony Rose of Merculite Security demonstrated at the Def Con conference how it is easy to open some Bluetooth-based smart locks. The duo analyzed 16 smart locks from companies such as Ceom

A security researcher has developed a method by which one can exploit a vulnerability in FitBit fitness trackers and subsequently deliver malware to the target device in 10 seconds.FitBit (Source: PCMag)Axelle Apvrille (@cryptax), a malware researcher at network security firm Fortinet, has found that FitBit wearables are open on their Bluetooth ports, a prop

-Sept. 9, 12:30 p.m. CT, Yucatan Peninsula, Mexico: Halfway down the southbound four-lane highway from Cancun to the ancient ruins in Tulum, traffic inexplicably slowed to a halt. There was some sort of checkpoint ahead by the Mexican Federal Police. I began to wonder whether it was a good idea to have brought along the ATM skimmer instead of leaving it in t

BTCrawler is an application used to to discover Bluetooth devices and the services they provide, it is useful if you wish to know which Bluetooth enabled devices are in your proximity for debugging, spying, curiosity or any other purpose.With this program you’ll be even able to find every service provided by those devices and to list all its Bluetooth