SweynTooth 취약점의 영향을받는 Bluetooth LE 장치

ment 2/24 '20 posted (2/24 '20 edited) 뉴스 IT

• 일부 장치는 충돌 또는 오류 후에 자동으로 재부팅됩니다. 다른 것들은 원하지 않는 상태로 실패 할 수 있습니다.

• BLE는 심박 조율기, 혈당 모니터, 피트니스 트래커, 스마트 잠금 장치 및 수십 가지 의료 도구 및 임플란트와 다른 IoT 및 스마트 홈 장치에 사용됩니다.

• BLE는 모바일 및 사물 인터넷 (IoT) 장치의 배터리 소모를 줄이도록 설계된 무선 통신 기술입니다.

• 6 개의 주요 SoC 공급 업체의 BLE 소프트웨어 개발 키트 (SDK)에는 Bluetooth 범위 내의 공격자가 트리거할 수있는 많은 취약점이 포함되어 있습니다.

• Texas Instruments, NXP, Cypress, Dialog Semiconductors, Microchip, STMicroelectronics 및 Telink Semiconductor를 포함한 영향을 받는 공급 업체에 통보되었으며 거의 모든 패치가 이미 릴리스되었습니다.

Bluetooth bugs - researchers find 10 “Sweyntooth” security holes [nakedsecurity.sophos.com]

ğŸ˜· Corona why us? / Humans + Tech - #17 [humansplustech.substack.com]

SweynTooth: Bluetooth Vulnerabilities Expose Many Devices to Attacks [www.securityweek.com]

Bluetooth LE devices impacted by SweynTooth vulnerabilities [www.zdnet.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

2/24 '20 answered

“For all of these affected devices, they either won't be patched at all or will require huge effort to be updated."

?‍♂️ #healthcare https://t.co/9zNsjrxGCz
— Aaron Miri (@AaronMiri) February 21, 2020

Bluetooth is used in everything from speakers to implanted pacemakers, which means that Bluetooth-related vulnerabilities can affect a dizzying array of devices—in this case more than 480 of them. https://t.co/Wt0hgRQUoI
— WIRED (@WIRED) February 20, 2020

It should be ILLEGAL to install pacemakers that don’t have the same level of quality scrutiny as safety-critical transportation systems... wait, those criteria are all eff’d up too. https://t.co/iTr7mZZDf2
— Matt (@mattk) February 22, 2020

Researchers from Singapore have identified a number of security holes in #Bluetooth chips from several different vendors. ?#cybersecurity #devicesecurity #infosecurity https://t.co/C3XxNgjHvJ
— MRG Effitas (@mrgeffitas) February 21, 2020

#Bluetooth bugs – researchers find 10 “#Sweyntooth” security holes: More trouble in the Internet of… https://t.co/GN9bVdy5HW @RedSeal_co pic.twitter.com/zBfe19igsf
— Debra Baker (@deb_infosec) February 16, 2020

Bluetooth bugs – researchers find 10 “Sweyntooth” security holes https://t.co/bucE82kYH6 #cybersecurity #cybernews
— Moix Security (@moixsec) February 15, 2020

Bluetooth bugs – researchers find 10 “Sweyntooth” security holes https://t.co/XnmoJXUoQk #infosec pic.twitter.com/g5fNB0j4Nm
— #AI (@AI__TECH) February 15, 2020

St. Valentine's Sweyntooth massacre!! ??? https://t.co/t98ynH9Oeu #infosec #EthicalHacking #ITSecurity #ITSEC #CyberSecurity #hacking #ransonware #PatchTuesday #windows #Microsoft #android #StaySafeOnline #Taiyyib #ransonware #malware #SecurityIntelligence
— Tᵃᶦʸʸᶦᵇ Aᶻᵃᵐ ? (@taiyyib) February 15, 2020

Bluetooth-Related Flaws Threaten Dozens of Medical Devices https://t.co/XROSnhXlu6 #cybersecurity #securitynews #breaches #russia #privacy #malware Thanks to Wired for this story Hundreds of smart devices—including pacemakers—are exposed thanks to a series of vulnerabilities in…
— cyberpress (@cyberpress_ak) February 23, 2020

“For all of these affected devices, they either won't be patched at all or will require huge effort to be updated."

?‍♂️ #healthcare https://t.co/9zNsjrxGCz
— Aaron Miri (@AaronMiri) February 21, 2020

Bluetooth-Related Flaws Threaten Dozens of Medical Devices https://t.co/xGvRB7ropB
— Evan Kirstel (@evankirstel) February 21, 2020

Hundreds of smart devices—including pacemakers—are exposed thanks to a series of vulnerabilities in the Bluetooth Low Energy protocol. https://t.co/PQYeCLg9Ei
— Adam Levin (@Adam_K_Levin) February 20, 2020

Bluetooth-Related Flaws Threaten Dozens of Medical Devices https://t.co/xGvRB7ropB #HIMSS20 #CyberSecurity #healthIT pic.twitter.com/j8h44Xmwjl
— Evan Kirstel (@evankirstel) February 21, 2020

[VUL] Unknown number of Bluetooth LE devices #impacted by #SweynTooth #vulnerabilities.
To read more visit: https://t.co/Ta0TzTVgSr #CyberSecurity #security #ThreatIntel
— Paladion Threat Anticipation (@CtacPaladion) February 15, 2020

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors#cybersecurity #informationsecurity #networksecurity #informationtechnology #vulnerability #security #hacking #bluetooth #securitynews #vaultinfosec #wevowyoursecurity https://t.co/7mCDtnIpys
— Vault Infosec (@vaultinfosec) February 17, 2020

Unknown number of Bluetooth LE devices impacted by SweynTooth vulnerabilities

- SweynTooth impacts BLE SDKs
- Six vendors of BLE-capable SOCs are impacted
- More to be revealed laterhttps://t.co/nLmbbOFEeX pic.twitter.com/Fn8gs8cg67
— Catalin Cimpanu (@campuscodi) February 15, 2020

Affected SoCs: Texas Instruments, NXP, Cypress, Dialog Semiconductors, Microchip, STMicroelectronics, and Telink Semiconductor...https://t.co/q4vyq8EnjY
— Lup Yuen Lee 李立源 (@MisterTechBlog) February 17, 2020

Unknown number of Bluetooth LE devices impacted by SweynTooth vulnerabilities https://t.co/HwhulxHfW1 by @campuscodi
— ZDNet (@ZDNet) February 15, 2020

permanent link

Open Wiki - Feel free to edit it. -

2/24 '20 answered

Bluetooth bugs – researchers find 10 “Sweyntooth” security holes – Naked Security#Bluetooth #Vulnerability #MobileSecurity #InfoSec #CyberSecurity #Podcast https://t.co/8XSR03XAnB
— it-soft GmbH (@itsoftgmbh) February 24, 2020

Bluetooth-Related Flaws Threaten Dozens of Medical Devices https://t.co/xGvRB7IZh9
— Evan Kirstel (@evankirstel) February 24, 2020

Bluetooth-Related Flaws Threaten Dozens of Medical Devices | WIRED https://t.co/xGvRB7ropB
— Evan Kirstel (@evankirstel) February 24, 2020

#CyberSaturday

If you make connected devices/products (aka IoT), be aware of liabilities associated with that connectivity. Ensure your insurance will cover security flaws, no matter how long they take to find. #iot #connecteddevices #cybersecurity https://t.co/o5J33q8jed
— Susan L Combs (@InsuranceVixen) February 22, 2020

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.