Últimas notícias

Fique informado

Bluetooth Flaw Could Let Hackers Attack You Wirelessly From 800 Feet Away

14 de setembro de 2020


Reconhecimento facial sem prova de vida está com os dias contados, afirma CEO de uma das principais plataformas brasileiras de biometria facial

Conversamos com José Luis Volpini, CEO da CredDefense, uma das pioneiras e mais conceituadas plataformas de biometria facial do mercado brasileiro.

6 de janeiro de 2021

Carimbo do Tempo dá início ao fim da era dos protocolos proprietários na ICP-Brasil. Ouça

Segundo Dr. Roberto Gallo, o fim da era dos protocolos proprietários na ICP-Brasil tem data marcada e deve beneficiar fabricantes, prestadores de serviços e clientes finais.

28 de dezembro de 2020

Em tempo de mobilidade extrema e home office, como controlar o perímetro de segurança da empresa? Ouça

Conversamos com Jan Rochat da AET Europe, sobre a eficiência das tecnologias que protegem as informações das empresas, especialmente nesse momento de extrema necessidade de mobilidade das pessoas em “home office.

8 de dezembro de 2020

Identificar, confiar e conectar. Quantas vezes por dia nos autenticamos?

Controlar credencias de acesso nas organizações é tão difícil quanto

2 de dezembro de 2020

Doutor Fabiano Menke Concede Entrevista Sobre a Evolução das Assinaturas Eletrônicas

Nesta entrevista Dr. Fabiano Menke fala sobre a Lei 14.063 de setembro de 2020 e sobre o Decreto 14.543 de novembro de 2020 sobre os tipos de assinaturas eletrônicas

25 de novembro de 2020

Performance Improvements via Formally-Verified Cryptography in Firefox

Cryptographic primitives, while extremely complex and difficult to implement, audit, and validate, are critical for security on the web.

7 de julho de 2020

Maximum SSL/TLS Certificate Validity is Now One Year. By Patrick Nohe

Starting on September 1st, SSL/TLS certificates cannot be issued for longer than 13 months (397 days). This change was first announced by Apple, at the CA/Browser Forum Spring Face-to-Face event in Bratislava back in March.

1 de julho de 2020

Your laptop, smartphone or tablet’s Bluetooth chip provides an easy way to connect wireless speakers, keyboards and other accessories. It may also be opening you up to a nasty new cyber attack

By Lee Mathews

Lee Mathews – Contributor at Forbes

Two independent teams of researchers, one from Purdue University and another at the École polytechnique fédérale de Lausanne, identified a new flaw that affects Bluetooth 4.0 and Bluetooth 5.0. This new vulnerability has been dubbed BLURtooth.

Both version allow connections from a fair distance away — up to 200 feet for Bluetooth 4.0 and around 800 feet for Bluetooth 5.0. A malicious hacker could potentially attack a vulnerable device from more than two football fields away.

What makes a device vulnerable? It has to support both the Bluetooth Basic Rate/Enhanced Data Rate and Bluetooth Low Energy protocol and protocols. It also has to support Cross-Transport Key Derivation (CTKD) for device pairing.

That covers a broad swath of Bluetooth-enabled devices, from smartphones to fitness trackers to speakers. According to the researchers, any of these devices could be compromised wirelessly by an attacker.

Properly exploited, BLURtooth would allow the attacker to pair his or her own devices without the user’s knowledge. No prompt would ever appear asking the user to confirm the connection or enter a PIN because the attacker is able to either overwrite encryption keys or forced the connection to use weaker encryption.

Once connected, the attacker could “gain additional access to profiles or services that are not otherwise restricted.” These ‘man-in-the-middle’ attacks could allow a hacker to do things like steal keystrokes or eavesdrop on audio.

The research team has disclosed the BLURtooth vulnerability to Bluetooth SIG, which in turn began notifying hardware vendors. The researchers note that the SIG has provided guidance on how the threat can be mitigated — including only allowing pairing operations when a user manually enables pairing mode.

Many devices will require either software or firmware updates. While assurances have been made that those patches will be delivered, there’s really no way to know how long it will take at this point.

It’s an incredibly complicated proposal given the wide variety of devices impacted. Fortunately, there are certain ones that can be protected right now.

The newer Bluetooth 5.1 standard already supports features that should be able to prevent a BLUR attack. Manufacturers of devices utilizing Bluetooth 5.1 may be able to deliver patches much more rapidly.

Source: Forbes

North Korea-Linked Hackers Are Now Spreading Their Own Ransomware

The Future of Privacy – Why Using and Protecting Personal Data Is a Vital Business Imperative

Safe handling of digital identities: 5 key questions.

Content Syndication

Content Syndication – the content distribution is a method of republishing content developed by your company on other websites to reach a wider audience and bring new visitors to your site. Contact us about Content Syndication, contato@cryptoid.com.br | +55 11 3881 0019.

Surprise yourself with the quality of our audience! Media Kit.