The guys are one short this week as they take on BlueBorne, KRaCK and a 4G/5G network flaw.

Topic 1 – BlueBorne Bluetooth Vulnerabilities 

Blueborne is a collection of bluetooth vulnerabilities that affects many devices including IoT devices: 

https://www.armis.com/blueborne/

https://www.theverge.com/2017/9/12/16294904/bluetooth-hack-exploit-android-linux-blueborne

https://arstechnica.com/information-technology/2017/09/bluetooth-bugs-open-billions-of-devices-to-attacks-no-clicking-required/

Topic 2 – Key Reinstallation Attack (KRACK) – WPA2 Encryption Vulnerability

This is a new serious vulnerability that affects WPA2 used by the majority of wi-fi routers. 

https://papers.mathyvanhoef.com/ccs2017.pdf

https://www.reddit.com/r/PFSENSE/comments/76ksdi/core_protocollevel_flaw_in_wpa2_possible_impact/

WPA2: Broken with KRACK. What now?

https://www.krackattacks.com/

Topic 3 – New 4G, 5G Network Flaw

A “worrisome” new network flaw that affects 4G, 5G voice and data convergence technologies that allow attackers to hijack mobile data and launch DDOS attacks. 

https://www.darkreading.com/perimeter/new-4g-5g-network-flaw-worrisome-/d/d-id/1330062