A newly discovered Bluetooth vulnerability that was published this week by Intel has the potential to allow a nearby hacker to gain unauthorized access to a device, intercepting traffic and sending forged pairing messages between two vulnerable Bluetooth devices.
The vulnerability affects Bluetooth implementations and operating system drivers of Apple, Broadcom, Intel, and Qualcomm.
From Intel’s explanation:
A vulnerability in Bluetooth(R) pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable [...]
iOS 12 introduces USB restrictions that effectively put an end to law enforcement access to iPhones and iPads using devices like the GrayKey box, but Grayshift, the company that makes the box, may have already developed a workaround.
VICE’s Motherboard shared an email from a forensic expert who planned to meet with Grayshift, which said the company had „gone to great lengths“ to futureproof its technology and that USB Restricted Mode had been „already defeated.“
Grayshift’s GrayKey iPhone unlocking box, via MalwareBytes
„Grayshift has gone to great lengths to future proof their technology and stated that they have [...]
Apple today confirmed that it has addressed the recent „Meltdown“ vulnerability in previously released iOS 11.2, macOS 10.13.2, and tvOS 11.2 updates, with additional fixes coming to Safari in the near future to defend against the „Spectre“ vulnerability.
Apple has also confirmed that the two vulnerabilities affect all Mac and iOS devices. The company’s full statement, available through a new support document covering Meltdown and Spectre, is below:
Security researchers have recently uncovered security issues known by two names, Meltdown and Spectre. These issues apply to all modern processors and affect nearly all computing devices and [...]
A serious design flaw and security vulnerability discovered in Intel CPUs has reportedly already been partially addressed by Apple in the recent macOS 10.13.2 update, which was released to the public on December 6.
According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from „multiple sources within Apple“ that updates made in macOS 10.13.2 have mitigated „most“ security concerns associated with the KPTI vulnerability.
The question on everyone's minds: Does [...]