iPhones Vulnerable to Attack Even When Turned Off

Attackers can target iPhones even when they are turned off due to how Apple implements standalone wireless features Bluetooth, Near Field Communication NFC and Ultra-wideband UWB technologies in the device, researchers have found. These features—which have access to the iPhone’s Secure Element SE...

Intel Corporation: [BrakTooth] Bluetooth vulnerability allows attacker to disconnect or deny reconnection to BT devices connected to a target. Attack #1

This bug was reported directly to Intel Corporation...

BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released

The embargo period is over for a proof-of-concept PoC tool to test for the recently revealed BrakTooth flaws in Bluetooth devices, and the researchers who discovered them have released both the test kit and full exploit code for the bugs. BrakTooth is a collection of flaws affecting commercial...

BrakTooth Proof of Concept Tool Demonstrates Bluetooth Vulnerabilities

On November 1, 2021, researchers publicly released a BrakTooth proof-of-concept PoC tool to test Bluetooth-enabled devices against potential Bluetooth exploits using the researcher’s software tools. BrakTooth—originally disclosed in August 2021—is a family of security vulnerabilities in commercia...

A week in security (August 30 – September 5)

Last week on Malwarebytes Labs ProxyToken: another nail-biter from Microsoft Exchange Macs turn on apps signed by Symantec, treat them as malware Google Play sign-ins can be abused to track another person’s movements FTC bans SpyFone and its CEO from continuing to sell stalkerware BrakTooth...

BrakTooth Flaws Affect Billions of Bluetooth Devices

Plus: A spyware ban, a big WhatsApp fine, and more of the week's top security news...

BrakTooth 输入验证错误漏洞

BrakTooth is a family of 20 vulnerabilities affecting over 1,400 products based on 13 different Bluetooth devices sold by 11 of the world's leading vendors. An input validation error vulnerability exists in the BrakTooth Business Bluetooth Stack BT, which could lead to a DoS and arbitrary code...

Bluetooth Bugs Open Billions of Devices to DoS, Code Execution

Researchers have disclosed a group of 16 different vulnerabilities collectively dubbed BrakTooth, which impact billions of devices that rely on Bluetooth Classic BT for communication. According to an academic paper from the University of Singapore, the bugs are found in the closed commercial BT...

BrakTooth Bluetooth vulnerabilities, crash all the devices!

Security researchers have revealed details about a set of 16 vulnerabilities that impact the Bluetooth software stack that ships with System-on-Chip SoC boards from several popular vendors. The same group of researchers disclosed the SweynTooth vulnerabilities in February 2020. They decided to du...

New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable

A set of new security vulnerabilities has been disclosed in commercial Bluetooth stacks that could enable an adversary to execute arbitrary code and, worse, crash the devices via denial-of-service DoS attacks. Collectively dubbed "BrakTooth" referring to the Norwegian word "Brak" which translates...