Bluetooth keyboards have a vulnerability exposing operating systems to takeover flaws. Android, Apple, and Linux operating systems are in the crosshairs thanks to the flaw and all three OS hosts are releasing fixes for the bug. What you need to know can help save you from a weakness no one saw coming for nearly 20 years.
Security researcher Marc Newlin discovered the bug can lead to remote takeovers of devices. It involves using a fake Bluetooth keyboard to sidestep operating system user verification. This allows an attacker to take control of devices running on the three major operating systems as if they were the legitimate user. Since an attacker needs to be near the victim for it to work, it rules out attacks on a mass scale. But security professionals warn it can still be used for very specialized targeting.
OS Vulnerabilities
Android OS:
This flaw is exploitable whenever Bluetooth is enabled. An attacker inserts keystrokes and mimics the victim's keyboard even when the lock screen is enabled.
Linux OS: These devices are exploited similarly to Android when Bluetooth is enabled and connected. The attacker's keyboard is paired and matched without the user’s verification.
Mac OS:
Flaws are exploited when Bluetooth is enabled and a phone or computer is paired with a Magic Keyboard.
Ditching the messy wires and connections for Bluetooth is great but like many technology benefits, a cybercriminal may be lurking right around the corner. Fortunately, this OS vulnerability was found by one of the good guys. The cyber-smart thing to do is keep your software and hardware patched with the latest updates because you never know when they'll be needed. And remember to lock your computers and devices when you’re not using or near them.
Tips for Securing Your Mobile Devices
Published January 5, 2024
Nearly all of us these days have some type of mobile device that is essentially a part of us. It is filled with all kinds of personal information, such as our contacts, our email conversations, and perhaps even our health information. Losing it, having it accessed without permission, or finding out it’s infested with malware can be a really scary moment. Fortunately, there are some things you can do to protect those devices and the information on them.
Looney Tunables Linux OS Exploit Is Anything But Amusing
Published December 4, 2023
There’s a comical name for a serious Linux OS security vulnerability called Looney Tunables. This latest vulnerability exploit leads to elevated privileges, via a backdoor; a dangerous outcome. Like other operating systems, a Linux OS directly manages software, memory, storage, hardware, and other critical functions. So, when a vulnerability exploit like Looney Tunables targets the largest open-sourced OS in the world, it’s time for a closer look.
Linux Systems Targeted By Notorious Ransomware Hacking Group
Published April 1, 2023
A well-known ransomware group is focusing its efforts on Linux systems, a noticeable departure from their previous attacks on Windows operating systems. It’s a sign the notorious Clop hacking group continues to grow its ransomware campaigns despite prior efforts to shut the group down. Businesses currently using or switching to Linux systems need to be aware of Clop’s new focus for its ransomware attacks and plan their cybersecurity defenses accordingly.
Online Security Tips From The BBB
Published March 30, 2023
Champions of consumers that they are, the Better Business Bureau (BBB) posted a warning reminder on their website about some of the risky online scenario’s consumers face every day. Keeping cyber safety in the forefront of our online activities isn’t always easy, but it’s always possible to do. The BBB knows this and wants consumers to be aware of some of the latest cyber scams and just how truly slippery they can be. It’s well-worth heeding what the BBB has to say about cybercrime and how to avoid the pitfalls that every hacker hopes we fall into.
Researchers Remind MacOS Users They Are Also In Danger From Ransomware Threats
Published March 25, 2023
The continual evolution of ransomware techniques is one of the most pressing issues facing users of online technology. Microsoft’s Security Threat Intelligence group recently detailed several ransomware campaigns that extended their reach beyond Windows operating systems to target MacOS. Yes, it’s true. It’s not just Windows in the crosshairs anymore. Using strategies that are familiar to cyber criminals who attack Microsoft Windows and other operating systems, these attacks call for large ransom payments in exchange for a decryption tool.
