Breaking News: new Bluetooth vulnerabilities
September 2017 by David Dufour, Senior Director of Security Architecture at Webroot
The comment from David Dufour, Senior Director of Security Architecture at Webroot on the newly discovered suite of security vulnerabilities in Bluetooth devices that gives attackers the ability to take over major mobile, desktop, and IoT operating systems, including Android, iOS, Windows and Linux.
“BlueBorne is another example of how simple it is for hackers to quickly scan for and then exploit, open Bluetooth devices. The learning curve to scan for Bluetooth devices isn’t that much greater than scanning for WiFi access points. To protect devices, users should turn off Bluetooth immediately after they are finished using it. Additionally, users should never connect to Bluetooth with a device that is running an old version of the software.
For a while, Bluetooth vulnerabilities had died down as the industry responded and fixed known exploits, but this incident may be the tip of the iceberg once again. Just as we’ve seen a resurgence in worms, hackers often come back to repurpose the same exploits. Unfortunately in these cases, many connected devices don’t allow for patch management and become easy targets.”