Security researchers find flaws in chips used in hospitals, factories and stores

[InfoSec News <alerts () infosecnews org>]

https://www.cnet.com/news/security-researchers-find-flaws-in-chips-used-in-hospitals-factories-and-stores/

By ALFRED NG
CNet News
NOVEMBER 1, 2018

Popular Wi-Fi access points used by businesses are open to two critical 
security flaws, researchers said Thursday.

Researchers at Armis Labs, a security company with a focus on internet of 
things devices, found in tests that a hacker could completely take over 
network access points using the vulnerabilities on Bluetooth Low Energy 
chips.

BLE is a different standard from Bluetooth. First introduced in 2011 as 
Bluetooth 4.0, it boasts a much longer battery life than its predecessor. 
Because of that longevity, BLE chips are more likely to be used in IoT 
devices and medical devices.

The BLE chip vulnerabilities -- researchers are labeling the pair of flaws 
"Bleeding Bit" -- would let attackers hijack vulnerable networks and 
spread malware to any devices connected to those networks, Armis Labs 
said. Though the hacker would have to be in the device's Bluetooth range, 
and the Wi-Fi access point would also need to be in scanning mode for the 
attack to work.

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_