Bluetooth Security Flaw Puts Billions at Risk -- Security Today

Bluetooth Security Flaw Puts Billions at Risk

Bluetooth Security Flaws Puts Billions at Risk

A set of vulnerabilities present in "almost every" device with Bluetooth capabilities has been revealed by researchers at security firm Armis.

Sep 13, 2017

A set of vulnerabilities present in "almost every" device with Bluetooth capabilities has been revealed by researchers at security firm Armis, according to ZDNet.

Armis found that eight separate flaws, known collectively as "BlueBorne," affect devices with the Bluetooth short-range wireless protocol. The most serious flaws allow a hacker to gain control of an affected device and its data. The flaws also leave network computers vulnerable, meaning sensitive business data could be at risk as well.

The researchers explained that the malware exploiting the attack may be particularly infectious by passing peer-to-peer and jumping laterally, poisoning adjacent devices when the Bluetooth is switched on. For example, a single infected device moving through a busy office past dozens of people with phones, tablets and computers with their Bluetooth switched on could cause an epidemic of exposed devices. This could ultimately lead to network infiltration, ransomware attacks or data theft.

"These silent attacks are invisible to traditional security controls and procedures," said Yevgeny Dibrov, Armis' chief executive. "Companies don't monitor these types of device-to-device connections in their environment, so they can't see these attacks or stop them."

These nearly undetectable flaws put the majority of devices around the world at risk - nearly 5.3 billion devices, including Windows, Android, Linux and Apple products.

IDIS Americas Continues Expansion With Technology Innovation and Growing Team Ahead of ISC West
01/31/2025
Paxton Announces New US Headquarters in Greenville, SC
01/31/2025
Napco Introduces New StarLink Signal Strength/Site Survey Tool
01/30/2025
Arrow Security Adds Two Security Industry Leaders
01/28/2025
Security Industry Association Releases New and Enhanced Privacy Resources on Data Privacy Day 2025
01/28/2025
Security LeadHER Opens Call for Speakers and Registration for 2025 Event
01/24/2025
Stronger Together: Stone Security, BearCom Team Up
01/23/2025
Genetec Named One of Canadas 2025 Top Employers for Young People
01/22/2025

Featured

5 Tips to Improve Your Password Security

Change Your Password Day is right around the corner. Observed every year on February 1, the day aims to raise awareness about cybersecurity and underscores the importance of keeping passwords strong and up to date. Read Now
- Cybersecurity
Enhancing Port Security

DP World Yarimca, one of the largest container terminals of the Gulf of İzmit and Turkey, is a strong proponent of using industry-leading technology to deliver unrivaled value to its customers and partners. As the port is growing, DP World Yarimca needs to continue to provide uninterrupted operations and a high level of security.To address these challenges, DP World Yarimca has embraced innovative technological products, including FLIR's comprehensive portfolio of security monitoring solutions. Read Now
- Infrastructure
Hot AI Chatbot DeepSeek Comes Loaded With Privacy, Data Security Concerns

In the artificial intelligence race powered by American companies like OpenAI and Google, a new Chinese rival is upending the market—even with the possible privacy and data security issues. Read Now
- Artificial Intelligence
- Cybersecurity
Survey: CISOs Increasing Budgets for Crisis Simulations in 2025

Today, Cyber Performance Center, Hack The Box, released new data showcasing the perspectives of Chief Information Security Officers (CISOs) towards cyber preparedness in 2025. In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, TfL, 23andMe, and Cencora, CISOs are reassessing their organization’s readiness to manage a potential “chaos” of a full-scale cyber crisis. Read Now
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

QCS7230 System-on-Chip (SoC)

The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.
A8V MIND

Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.
Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.