"New BLUFFS Attack Lets Attackers Hijack Bluetooth Connections"

Researchers at Eurecom have developed six new attacks collectively dubbed BLUFFS that can breach Bluetooth session confidentiality, enabling device impersonation and Man-in-the-Middle (MitM) attacks. BLUFFS exploits two previously unknown vulnerabilities in the Bluetooth standard related to how session keys are derived for decrypting data in exchange. These flaws are architectural rather than hardware or software configuration-specific, affecting Bluetooth at a fundamental level. Given the widespread use of the wireless communication standard and the versions impacted by the exploits, BLUFFS could be used to attack billions of devices, including laptops, smartphones, and other mobile devices. This article continues to discuss how BLUFFS works.

Bleeping Computer reports "New BLUFFS Attack Lets Attackers Hijack Bluetooth Connections"

Submitted by grigby1