An email asks the victim to open a link to confirm the delivery details. It directs to a fake courier page in which user has to digit only the password.
Security Affairs: BrakTooth is a bunch of 16 security flaws in Bluetooth stacks. The vulnerabilities impact 13 chipsets from 11 vendors, and can be exploited to execute arbitrary code and crash the devices via DoS attacks
BrakTooth is a bunch of 16 security flaws in commercial Bluetooth stacks, that can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks. It has been denounced by Security Affairs. The issues were discovered by the ASSET (Automated Systems SEcuriTy) Research Group from the Singapore University of Technology and Design (SUTD), their name comes from the Norwegian word “Brak” which translates to ‘crash’. The vulnerabilities impact 13 Bluetooth chipsets from 11 vendors, including Intel, Qualcomm, and Texas Instruments, experts estimated that more than 1,400 commercial products may be impacted. As of today, the cybersecurity experts discovered 16 security vulnerabilities, with 20 common exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment from Intel and Qualcomm. The ASSET group has released the PoC tool to allow vendors to test their devices against the vulnerabilities.