Q for IT defenders: How would you tell if your Bluetooth-enabled light switches, WiFi access points, phones, door access control, HVAC, TVs, vending machines, etc. had a worm spreading via BT?

The answer today is, you wouldn't. The goal of this class is to provide you with the start of an answer for tomorrow. This class covers a tool that can be used to look for out-of-date patch status or tomorrow's indicators of compromise.

And lest you think there aren’t wormable unpatched BT arbitrary code execution vulns out there, here’s a very recent one which is still not patched on a bunch of devices (primarily headphones): https://darkmentor.com/bt.html#Headphone%20Jacking%3A%20A%20Key%20to%20Your%20Phone:%5B%5BHeadphone%20Jacking%3A%20A%20Key%20to%20Your%20Phone%5D%5D%20%5B%5BBluetooth%20Security%20Timeline%5D%5D
From: @OpenSecurityTraining2
https://infosec.exchange/@OpenSecurityTraining2/114891137837815818

Bluetooth Security Timeline — By Xeno Kovah of Dark Mentor

@xenokovah @OpenSecurityTraining2
@nzyme has the beginnings of this as well.
@FritzAdalis @xenokovah @OpenSecurityTraining2 @nzyme Sure. It looks like “the beginnings” in the “printing default stuff Linux tells you” sense of the word. In that case there are 30 other people and companies which have the beginnings of this. This is not that.