HackDig : Dig high-quality web security articles

Car owners warned of another theft-enabling relay attack

Tesla owners are no strangers to seeing reports of cars being tampered with outside of their control. Back in 2021, a zero-click exploit aided a drone in taking over the car’s entertainment system. In 2016, we had a brakes and doors issue. 2020 saw people rewriting key-fob firmware via Bluetooth. Andin January this year, a teen claimed he had managed t
Publish At:2022-05-17 16:57 | Read:1755 | Comments:0 | Tags:Hacking bluetooth car hacked key fob key-fob keyless entry r

Change Your BLE Passkey Like You Change Your Underwear

Using a static passkey for Bluetooth Low Energy pairing is insecure. Recent versions of the Bluetooth specification contain an explicit warning about this. However, in practice, we often see static passkeys being used. Moreover, there are no public implementations of proofs-of-concept that can practically show why using a static passkey is an issue. This is
Publish At:2021-10-21 12:21 | Read:2606 | Comments:0 | Tags:Breaking Misc Bluetooth IoT tool

BrakTooth Bluetooth vulnerabilities, crash all the devices!

Security researchers have revealed details about a set of 16 vulnerabilities that impact the Bluetooth software stack that ships with System-on-Chip (SoC) boards from several popular vendors. The same group of researchers disclosed the SweynTooth vulnerabilities in February 2020. They decided to dub this set of vulnerabilities BrakTooth. BrakTooth affects
Publish At:2021-09-02 15:15 | Read:1543 | Comments:0 | Tags:Exploits and vulnerabilities BLE bluetooth braktooth cve-202

New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

Security flaws in commercial Bluetooth stacks dubbed BrakTooth can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks. A set of 16 security flaws in commercial Bluetooth stacks, collectively tracked as BrakTooth, can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks.
Publish At:2021-09-02 14:25 | Read:3465 | Comments:0 | Tags:Breaking News Hacking Bluetooth braktooth Cybercrime hacking

NSA issues advice for securing wireless devices

By releasing an information sheet that provides guidance on securing wireless devices while in public (pdf)—for National Security System, Department of Defense, and Defense Industrial Base teleworkers—the NSA has provided useful information on malicious techniques used by cyber actors, and ways to protect against them. And anyone that does not belong to t
Publish At:2021-08-04 14:51 | Read:3820 | Comments:0 | Tags:101 bluetooth encrypted traffic HTTPS LLMNR masquerading mfa

French intel found flaws in Bluetooth Core and Mesh specs

Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at the french intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh Profile specifications that could be used to impersonate legitimate devices durin
Publish At:2021-05-24 20:33 | Read:2046 | Comments:0 | Tags:Breaking News Hacking Bluetooth Cybersecurity cybersecurity

How hackers are targeting your phone through Bluetooth

Bluetooth is an amazingly useful wireless technology built into almost every smartphone, tablet and laptop. We can use it to transfer files, play audio wirelessly, collect health data from wearable trackers and more. But like WiFi, Bluetooth is being targeted by hackers as a way to break into your devices and steal personal data. Because it is so useful, mos
Publish At:2021-03-29 05:24 | Read:1954 | Comments:0 | Tags:Mobile News Security bluetooth Mobile Security security hack

Hacking Christmas Gifts: Brushing with Bluetooth

If high-tech gadgets are on your holiday shopping list, it is worth taking a moment to think about the particular risks they may bring. Under the wrong circumstances, even an innocuous gift may introduce unexpected vulnerabilities. In this blog series, VERT will be looking at some of the Internet’s best-selling holiday gifts with an eye toward thei
Publish At:2021-02-18 02:44 | Read:2099 | Comments:0 | Tags:Internet of Things bluetooth gift IoT security hack

Google researcher found BleedingTooth flaws in Linux Bluetooth

Google security researcher discovered Bluetooth vulnerabilities (BleedingTooth) in the Linux kernel that could allow zero-click attacks. Andy Nguyen, a Google security researcher, has found Bluetooth vulnerabilities, referred to as BleedingTooth, in the Linux kernel that could be exploited by attackers to run arbitrary code or access sensitive information
Publish At:2020-10-14 20:47 | Read:3676 | Comments:0 | Tags:Breaking News Hacking BleedingTooth Bluetooth hacking news i

Beware Drive-By Downloads in Safari – Intego Mac Podcast Episode 154

The popular fitness tracking app Strava can assist stalkers; Facebook is irked about European regulators; a new Bluetooth vulnerability takes a new tack on attacks; and we look at some disturbing drive-by downloads that are coming from rogue Google ads.Strava and stalkersFacebook Says it Will Stop Operating in Europe If Regulators Don’t Back DownShortly afte
Publish At:2020-09-30 12:04 | Read:2365 | Comments:0 | Tags:Intego Mac Security Podcast Bluetooth Facebook Google Intego

Lock and Code S1Ep10: Pulling apart the Internet of Things with JP Taggart

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to JP Taggart, senior security researcher at Malwarebytes, about the Internet of Things. For years, Internet capabilities have crept into modern consumer products, providing sometimes convenient, sometimes extra
Publish At:2020-07-07 14:23 | Read:2488 | Comments:0 | Tags:Podcast beacons bluetooth Chromebook chromebook antivirus In

Why Zero-Click Cyberthreats Should Be on Your Radar

For years, the statistics have told us that human error is the greatest contributor to cyberattacks. We’ve stressed the importance of training, training and more training to prevent the almost inevitable from happening. We’ve been convinced that the key to defending against cyberthreats is to keep the unsuspecting from clicking on phishing emails
Publish At:2020-07-02 15:59 | Read:2728 | Comments:0 | Tags:Application Security Endpoint Mobile Security Advanced Malwa

A week in security (April 27 – May 3)

Last week on Malwarebytes Labs, we looked at how secure the cloud is, understood why unexpected demand can influence an organization to consider their “just in time” (JIT) system, speculated on why the threat actors behind the Troldesh ransomware suddenly released thousands of decryption keys, preached the good news about VPN being mainstream, touched on the
Publish At:2020-05-18 13:43 | Read:2901 | Comments:0 | Tags:Malwarebytes news Apple APT awis bluetooth bluetooth attack

CVE-2020-0022 an Android 8.0-9.0 Bluetooth Zero-Click RCE – BlueFrag

Nowadays, Bluetooth is an integral part of mobile devices. Smartphones interconnect with smartwatches and wireless headphones. By default, most devices are configured to accept Bluetooth connections from any nearby unauthenticated device. Bluetooth packets are processed by the Bluetooth chip (also called a controller), and then passed to the host (Android, L
Publish At:2020-05-03 08:57 | Read:2866 | Comments:0 | Tags:Breaking Android BlueFrag Bluetooth exploit

Mass surveillance alone will not save us from coronavirus

As the pattern-shattering truth of our new lives drains heavy—as coronavirus rends routines, raids our wellbeing, and whiplashes us between anxiety and fear—we should not look to mass digital surveillance to bring us back to normal. Already, governments have cast vast digital nets. South Koreans are tracked through GPS location history, credit card trans
Publish At:2020-04-15 18:12 | Read:8995 | Comments:0 | Tags:Opinion Apple Austria bluetooth Bluetooth contact tracing Bl

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud