Bluetooth


BlueBorne affects devices supporting Bluetooth. As such, the PoC they demoed does not spread over Bluetooth: it takes control of a given Bluetooth victim. Apparently, the researchers said they locally created a botnet. But that was clearly a local inside test, and we have no details regarding the botnet's payload. [Read More]
by RSS Axelle Apvrille  |  Sep 19, 2017  |  Filed in: Security Research
Bluetooth is one of the most widely deployed and used connectivity protocols in the world. Everything from electronic devices to smartphones uses it, as do a growing number of IoT devices. Now, a new Bluetooth exploit, known as BlueBorne, exploits a Bluetooth, making literally billions of devices potentially vulnerable to attack. BlueBorne is a hybrid Trojan-Worm malware that spreads thru the Bluetooth protocol. Because it includes worm-like properties, any infected system is also a potential carrier, and will actively search for vulnerable hosts.... [Read More]
by RSS Aamir Lakhani  |  Sep 14, 2017  |  Filed in: Security Research
In the new digital economy, access to data is critical. Meeting the shifting demands of consumers, monitoring and managing critical network and system components in real time, and creating algorithms to extract meaningful information from the Big Data these devices can generate are all necessary to compete in the new digital marketplace. Part of this digital transformation is the adoption of IoT devices and networks, which continue to be deployed in networks at an unprecedented rate. [Read More]
by RSS Phil Keeley, Peter Newton  |  Sep 13, 2017  |  Filed in: Industry Trends
Quite strangely, there is no easy way to check the battery level of your Fitbit tracker. You can configure your profile to send you notifications when the battery is low, but that's about all. As I was researching Bluetooth Low Energy (BLE), I noticed however that Fitbit trackers do offer the standard Battery Service (0x180f) along with the (standard) Battery Level characteristic (0x2a19). [Read More]
by RSS Axelle Apvrille  |  Dec 09, 2016  |  Filed in: Security Research
Part II: Fortinet Analysis Developing our own opinion In part one of this two-part series, I provided an overview of smart lock technology and some of its vulnerabilities and risks. We also decided to ‘try our luck’ with the security of these solutions in the Fortinet FortiGuard Lab, so we ordered some random brand smart locks for testing. Two of our main vulnerability researchers, Tony Loi and Tien Phan, were able to do some in-depth analysis these last few weeks. Not only were they able to confirm the attacks demonstrated by... [Read More]
by RSS David Maciejak  |  Oct 07, 2016  |  Filed in: Security Research
Part I: The Problem About 4000 years ago, as we began the development of our modern way of life, people started to also want their own privacy and the ability to safeguard their possessions. The lock and key concept was created at that time. The first were made with hardwoods, then metals. Some were amazingly intricate. But eventually, they evolved to become the latest iteration of that ancient concept, something we have seen developing over the last few years: the smart lock. The key has been replaced by your smartphone or smartwatch, but the... [Read More]
by RSS David Maciejak  |  Oct 06, 2016  |  Filed in: Security Research