BrakTooth Flaws Affect Billions of Bluetooth Devices
When Apple announced in August to do so checking for child sexual abuse material on customers ’devices, privacy advocates and cryptographers immediately and vehemently rejected the idea. In the face of lasting backlash, the company said on Friday it would stand, at least for now. While Apple hasn’t completely changed the course, most of its critics at least need a lot of time to hear their concerns before pushing the system to life.
In Louisiana, hundreds of thousands of people remained without power several days after Hurricane Ida devastated. We watched what it takes to get the lights back on in New Orleans and nearby parishes, and why it could take a few more weeks until everything is up and running.
Happy working day weekend to the celebrants! Well, except Ransomware gangs and other hackers, who use many weekends and holidays to inflict the most pain at targets that are likely to be staffed or distracted. The most hackware ransomware of the year occurred before Mother’s Day, Memorial Day, and the Fourth of July. As the clock ticks, not long after we published this story the U.S. Cyber Command warned about a “exploitation of the majority“on a remote error management software from Atlassian. Hope you’ve finished your patches! On a more individual level, here’s a tutorial from our friends at WIRED UK to help avoid the hack yourself.
And there is more! Each week we focus on all the WIRED security news not covered in depth. Click on the news headlines to read the full stories, and stay safe there.
We wrote about the many Bluetooth bugs that’s it more seasons, nothing to do why they keep happening and why you want to turn off Bluetooth if you are not using it as a result. That being said the existence of a new set of flaws, known throughout BrakTooth, is not surprising. But neither should it be ignored; vulnerabilities can carry a variety of consequences, up to and including the ability to execute malware on a device. On a less destructive but still annoying level, we could be an attacker of errors to crash a nearby Bluetooth device. Given the large number of companies affected, it is impossible to know how many potential targets will be patched or even reached. Add BrakTooth to the more alarming group.
The FTC this week banned a company called SpyFone from selling surveillance software, a first for the agency. It took the extra step of ordering SpyFone to notify anyone that spyware was installed on their device. The app and others like it can give stalkers an abuser a way to monitor photos, text, email, a victim’s location, and more. The FTC ordered the company to delete any information that may still be on its servers. Spyware remains a thriving industry as a whole, so the FTC should have no shortage of opportunities for further enforcement.
OMG cable, first introduced in 2019, is something a hacker is happy about. While it looks like a normal Lightning cable, it makes itself a hotspot, allowing hackers to connect to any device it’s plugged into. From there, they can plant malware, steal data, or record keystrokes. The latest version, unveiled this week, features new formats such as Lightning to USB-C and USB-C to USB-C, has a wider range, and introduces geofencing features. You should only use cables from trusted sources though, but make it a reminder.
More WIRED Stories