It seems that not a week goes by without some headline about a major corporation's
security being breached by a malware intrusion, not to mention the many
entertainment organizations being targeted by these perpetrators. If
it's not someone's private pictures, it's the latest season release of flagship
productions being held hostage. Well, if that wasn't bad enough, there is
a new type of threat in town - and it doesn't need to be downloaded, clicked,
or even connected for that matter...
This threat, named BlueBorne, endangers major mobile, desktop, and IoT operating systems, including
Android, iOS, Windows, and Linux, and the devices using them. It can spread
through the air (airborne) and attacks devices via Bluetooth. Armis, the security organization
that first discovered the vulnerability, has also disclosed eight related zero-day
vulnerabilities, three of which are classified as critical. BlueBorne allows
attackers to take control of devices, access corporate data and networks,
penetrate secure “air-gapped” networks, and spread malware laterally to
adjacent devices. This is just another clear indication that the current
standards set by the mainstream security space are inadequate.
See the BlueBorne video on how it operates...
New Dangers...
What makes BlueBorne special is that unlike similar attacks such as the recent one
against Broadcom Wi-Fi chips,
which also happened to be airborne, the BlueBorne attack doesn’t affect only
the peripherals of a device but can give an attacker full control over the
infected device right from the start.
Armis said that Bluetooth software offers a larger attack surface than Wi-Fi software
does, especially since it has been largely ignored by the security community
until now.
Armis Labs argued that airborne attacks show a new type of threat that’s typically
not taken into account by traditional security solutions. Airborne attacks that
can bypass traditional security and even air-gapped internal networks can also
endanger industrial systems, government agencies, and critical infrastructure.
The airborne attacks are also easier to spread because the user doesn’t have to
download or click anything for the infection to occur. Such attacks are
compatible with all software versions of a device, as long as Bluetooth is
active.
Devices with Bluetooth enabled are constantly searching for other Bluetooth devices,
which can allow an attacker to use the BlueBorne vulnerability to connect to a device
without having to pair with it. This makes BlueBorne one of the
broadest potential attacks in recent years, while allowing attackers to strike
undetected.
Light at the end of the Tunnel...
Now, not being ones to present a problem and run away, we do know of a solution. The good news is that it doesn't
rely on signatures or behavioral indicators and is over 98% effective at
identifying previously unknown (zero-day) malware.
- Identifies and blocks both known and unknown threats.
- Easy integration with centralized SIEM solutions.
- Small footprint client provides real time protection without the use of signatures.
- Real time detection and prevention of malware through the application of Infinity machine learning models.
- Memory protection and execution control through kernel modules to address advanced non-resident based threat tactics including Injection/Hijacking techniques, overflows, and in-memory execution techniques
- Whitelist and blacklist support for administrative granularity
- Detection mode (passive auditing mode)
- Self-protection (prevention against user or attacker tampering)
- Complete control, update and configuration from the management console
Effective defense requires identifying when popular approaches
are no longer working and then adapting.
Sign up for one of their upcoming webinars or contact Sales at ContinuityFocus.com
(800) 399-6085 x502 or
email rick.ricker@ContinuityFocus.com
___________________________________________
We would like to thank our sponsors, for without them - our fine content wouldn't be deliverable!
Source(s)
- https://www.armis.com/blueborne/
- https://www.tomsguide.com/us/blueborne-bluetooth-security-flaws,news-25836.html
So “Once more unto the breach, dear friends, once more;”
____________________________________________________________
About Rick Ricker
An IT professional with over 23 years of experience in information security, wireless broadband, and network and infrastructure design, development, and support.
For more information, contact Rick at (800) 399-6085 x502