BrakTooth Flaws Affect Billions of Bluetooth Devices

When Apple announced in August that it would check for child sexual abuse materials on its customers’ devices, privacy advocates and cryptographers immediately and loudly rejected the idea. In the face of that sustained backlash, the company said Friday that it would stand down, at least for now. While Apple hasn’t reversed course completely, many of its critics were at least relieved that it’s taking more time to hear out their concerns before pushing the system live.

In Louisiana, hundreds of thousands of people remain without power several days after Hurricane Ida tore through. We took a look at what it takes to get lights back on in New Orleans and the surrounding parishes, and why it could be weeks still until everyone’s back up and running.

Happy Labor Day weekend to those who celebrate! Well, except for ransomware gangs and other hackers, who use long weekends and holidays to inflict maximum pain on targets who are likely to be short-staffed or distracted. The biggest ransomware hacks of the year have taken place before Mother’s Day, Memorial Day, and the Fourth of July. Like clockwork, not long after we published this story US Cyber Command warned of a “mass exploitation” of a flaw in remote management software from Atlassian. Hope you got your patches done! On a more individual level, here’s a guide from our friends at WIRED UK to help prevent getting hacked yourself.

And there’s more! Each week we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories, and stay safe out there.

We’ve written about big Bluetooth flaws so many times, not to mention why they keep happening and why you might want to turn Bluetooth off when you’re not using it as a result. Which is to say that the existence of a new set of flaws, known collectively as BrakTooth, should not be surprising. But it also shouldn’t be ignored; the vulnerabilities can lead to a range of outcomes, up to and including the ability to execute malware on a device. On a less destructive but still annoying level, an attacker could us the flaws to crash a nearby Bluetooth device. Given the huge number of affected companies, it’s impossible to know how many potential targets are patched or ever will be. Add BrakTooth to the increasingly alarming pile.

The FTC this week banned a company called SpyFone from selling surveillance software, a first for the agency. It took the additional step of ordering SpyFone to notify anyone who had the spyware installed on their device. The app and others like it can give stalkers an abusers a way to monitor a victim’s photos, texts, emails, location, and more. The FTC ordered the company to delete any of that information it may still have on its servers. Spyware remains a bustling industry in general, so the FTC should have no shortage of opportunities for further enforcement.

Speaking of enforcement! Ireland’s Data Protection Commission fined WhatsApp the equivalent of close to $270 million for not properly informing European Union residents what it does with their data. The ruling relates to WhatsApp’s longstanding practice of sharing user data with parent company Facebook, which many people were surprised to discover when the secure messaging company finally got around to updating its privacy policy earlier this year. The ruling gives WhatsApp three months to come into compliance with the EU’s General Data Protection Regulation; WhatsApp has said it will appeal the decision.

The OMG cable, first introduced in 2019, is something of a hacker’s delight. While it looks like a normal Lightning cable, it creates its own hotspot, allowing hackers connect to any device that it plugs into. From there, they can implant malware, steal data, or record keystrokes. The latest version, demonstrated this week, comes in new formats like Lightning to USB-C and USB-C to USB-C, has a wider range, and introduces geofencing features. You should only be using cables from trusted sources anyway, but let this be a reminder.


More Great WIRED Stories

Source: BrakTooth Flaws Affect Billions of Bluetooth Devices

*This is a free press release. Upgraded press releases are ad-free!

New Tropical Depression Forms; Odette Well Offshore

A file photo of a tropical storm over Florida and Georgia. (NOAA via Getty Images) MIAMI—Forecasters announced the formation of a new tropical depression in the Atlantic Ocean on Saturday night, as the former tropical storm named Odette headed well offshore of Nova Scotia in Canada. Tropical depression Sixteen was located 670 miles (1,080 kilometers)…

Read Press Release

Emmys 2021 on Sunday: Start time and how to watch or stream online – CNET

The Emmys are absolutely stacked this year. VALERIE MACON/AFP via Getty Images It’s been a huge year for TV, and you’re probably more than ready to watch the 2021 Primetime Emmys. The award ceremony takes place Sunday, with shows like Mare of Easttown, The Queen’s Gambit, I May Destroy You and WandaVision competing in the night’s many categories.Recently, the Creative Emmys…

Read Press Release

Evergrande Moment of Truth Arrives With Bond Payment Deadlines

(Bloomberg) — China Evergrande Group bondholders are about to find out if the property giant’s liquidity crisis is as dire as it appears.Interest payments on two Evergrande notes come due Thursday, a key test of whether the developer will continue meeting obligations to bondholders even as it falls behind on payments to banks, suppliers and…

Read Press Release

ADA Price Slides 20% Over 2 Weeks

Cardano network is looking at a massive bounty of new smart contractsSmart contract application delay affecting Cardano prices negatively2,352 smart contracts which have been initiated in the Cardano platformFlush with the success of the Alonzo hard fork, the Cardano network is looking at a huge swathe of new smart contracts. However, it will be some…

Read Press Release

BrakTooth Flaws Affect Billions of Bluetooth Devices - Click To Share

Share on facebook
Share on twitter
Share on reddit
Share on linkedin
Share on email
Share on whatsapp