One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1761425 |
| Date de publication | 2020-06-11 11:00:00 (vue: 2020-06-11 12:01:09) |
| Titre | Bluetooth security risks explained |
| Texte | What would we do without Bluetooth these days? Our earbuds and headphones would have to use annoying wires. We would have one less way to transfer files between your laptop and your phone. And how would you connect your phone to your car? But as a wireless data transfer standard, of course Bluetooth has some associated cybersecurity risks. You don’t want unauthorized parties to access the data you’re transferring via Bluetooth, nor do you want them to have access to your Bluetooth-enabled devices. It helps to know what the security risks with Bluetooth are so you can enjoy all of the convenience of the widespread wireless technology while mitigating its risks. The most common types of Bluetooth attacks BlueSmacking BlueSmacking is a way to execute a Denial of Service attack against a Bluetooth-enabled device. What’s a Denial of Service attack, you might ask? It’s when a target such as a server or device gets way more data packets or oversized data packets than it’s designed to handle. The target gets overwhelmed, so it shuts down. Thankfully Denial of Service attacks are relatively minor as far as cyber attacks in general are concerned. You can usually recover from one by rebooting the targeted device. But through the distraction or inconvenience of a Denial of Service attack, attackers are able to conduct more destructive cyber attacks. So Denial of Service attacks shouldn’t be underestimated. To get technical, a BlueSmack attack uses the L2CAP layer of Bluetooth’s networking stack to send a really oversized data packet. I couldn’t finish a large pizza in one sitting, and if I tried to force myself to I’d probably “shutdown” with a stomach ache on my couch. BlueSmack and Bluetooth is a similar concept. BlueJacking BlueJacking sounds like Bluetooth plus hijacking for a reason. BlueJacking is when one Bluetooth device hijacks another with spam advertising. Bluetooth usually has a broadcasting range of ten meters or about thirty feet. So your BlueJacking attacker would probably be in the same room as you. Or perhaps an attacker could leave a BlueJacking device on the street and target your phone while you walk past it. Like BlueSmacking, this attack is more of an annoyance than anything else. But phone messages can be a means of phishing attacks. Phishing is when an attacker pretends to be a trusted entity like your bank, phone company, or Amazon to entice the victim into clicking on a link or entering their sensitive information. A message sent by BlueJacking could contain a hyperlink to a website that has malware, or a website that grabs sensitive information from its victim. BlueSnarfing You probably notice a trend in the naming of these Bluetooth security risks. They’re all Bluetooth-specific exploits with the word Blue in their names. That helps make everything easy to understand. So what is BlueSnarfing? It’s similar to BlueJacking in some ways, but much more dangerous. You see, a BlueJacking attack just sends data, whereas a BlueSnarfing attack can take data. Data that is dangerous in the hands of cyber attackers, such as your text messages, emails, photos, and the unique identifying information that your phone or laptop uses with your cellular provider or ISP. An attacker could receive enough information about your phone or laptop to conduct more harmful cyber attacks. BlueBugging BlueBugging is an exploit that was developed after it was seen how easy BlueJacking and BlueSnarfing can be to conduct. BlueBugging uses Bluetooth to establish a backdoor on a victim’s phone or laptop. Backdoors are very dangerous because they can give a malicious outsider inside access to your device and sensitive information. Basically they can use the backdoor to spy on your activity. They may even be able to pretend to be you on social media or your online banking! 4 Bluetooth security tips Fortunately there’s a lot you c |
| Envoyé | Oui |
| Condensat | “find able about access ache activity advertising after against all already also always amazon annoyance annoying another anything apple are ask associated attack attacker attackers attacks avoid backdoor backdoors bank banking basically battery because between blue bluebugging bluejacking bluesmack bluesmacking bluesnarfing bluetooth bluetooth’s broadcasting but can car cellular clicking close code common communicate company concept concerned conduct connect contain convenience couch could couldn’t course cyber cybersecurity dangerous data days denial designed destructive developed device device” devices discoverable distraction don’t down earbuds easier easy else emails enabled encrypt enjoy enough entering entice entity establish even everything execute explained exploit exploits far feet files find finish first force forms fortunately from general get gets give google grabs handle hands harmful has have headphones helps hijacking hijacks how hyperlink i’d identifying income inconvenience information inside isp it’s its just know l2cap laptop large layer least leave less like link lock lose lot make malicious malware may means media message messages meters might minor mitigate mitigating mode more most much must myself names naming need networking new nor not notice off one online only outsider overall oversized overwhelmed packet packets pairing parties passwords past perhaps peripheral peripheral’s phishing phone photos physically pizza plus possible power pretend pretends probably provider range really reason reasons rebooting receive recover relatively remotely risks room same save security see seen send sends sensitive sent server service set should shouldn’t shuts similar sitting social some sounds spam specific spy stack standard stomach street such take target targeted tax technical technologies technology ten text than thankfully them there’s these they’re thirty through tips transfer transferring trend tried trusted trustworthy turn types unauthorized underestimated understand unique use uses using usually vector very victim victim’s walk want way ways website what what’s whatever when where whereas whichever widespread wifi will wireless wires without word worrisome would you’ll you’re your |
| Tags | Spam |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.