BlueBorne: Wormable Bluetooth Attack

Armis Labs revealed a new attack vector endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them. The new vector is dubbed “BlueBorne”, as it spread through the air (airborne) and attacks devices via Bluetooth. Armis has also disclosed eight related zero-day vulnerabilities, four of which are classified as critical. BlueBorne allows attackers to take control of devices, access corporate data and networks, penetrate secure “air-gapped” networks, and spread malware laterally to adjacent devices. Armis reported these vulnerabilities to the responsible actors, and is working with them as patches are being identified and released.

What Is BlueBorne?
BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices. BlueBorne affects ordinary computers, mobile phones, and the expanding realm of IoT devices. The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode. Armis Labs has identified eight zero-day vulnerabilities so far, which indicate the existence and potential of the attack vector. Armis believes many more vulnerabilities await discovery in the various platforms using Bluetooth. These vulnerabilities are fully operational, and can be successfully exploited, as demonstrated in our research. The BlueBorne attack vector can be used to conduct a large range of offenses, including remote code execution as well as Man-in-The-Middle attacks.

Additional Information: Download our Technical White Paper on BlueBorne

These vulnerabilities include:

  • Information Leak Vulnerability in Android (CVE-2017-0785)
  • Remote Code Execution Vulnerability (CVE-2017-0781) in Android’s Bluetooth Network Encapsulation Protocol (BNEP) service
  • Remote Code Execution Vulnerability (CVE-2017-0782) in Android BNEP’s Personal Area Networking (PAN) profile
  • The Bluetooth Pineapple in Android—Logical flaw (CVE-2017-0783)
  • Linux kernel Remote Code Execution vulnerability (CVE-2017-1000251)
  • Linux Bluetooth stack (BlueZ) information leak vulnerability (CVE-2017-1000250)
  • The Bluetooth Pineapple in Windows—Logical flaw (CVE-2017-8628)
  • Apple Low Energy Audio Protocol Remote Code Execution vulnerability (CVE Pending)

Blueborne – Android Take Over Demo

 

Install BlueBorne Vulnerability Scanner by Armis app (created by Armis team) from Google Play Store to check if their devices are vulnerable to BlueBorne attack or not. If found vulnerable, you are advised to turn off Bluetooth on your device when not in use.

India Today OnePlus 5 available at 10% discount* to students

If you haven’t upgraded your smartphone before making a return to college, OnePlus is now willing to shave 10 percent off the price of its latest flagship, the OnePlus 5. You’ll have to verify that you’re actually a student to receive the coupon code, but it seems like that’s really all there is to it. Once that step’s done, you can save a bit of money and get yourself a device that very few people on campus will have.

The offer is open in the United States, Canada, UK, Germany, France, Italy, Spain, Netherlands, Denmark, Sweden, Finland, Austria, Belgium, Portugal, Poland, Slovenia, Czech Republic, Croatia, and Hungary. You’ll have a month to use your discount code, but students will be able toredeem the deal once each year while enrolled.

You’ll have to verify that you’re a student by logging in to a Student Beans account (or create a new one if needed). More information is available at OnePlus via the two source links below.

sources: OnePlus Student ProgramProgram announcement

Nokia 6 Flash Sale in India Today via Amazon: Time, Price, Offers, Specifications

Nokia 6 price in India, launch offers

The Nokia 6 price in India is Rs. 14,999. Launch offers on Amazon India include Rs. 1,000 Amazon Pay balance for Amazon Prime members, 80 percent off Kindle ebooks up to Rs. 300, Rs. 2,500 discount on MakeMyTrip (Rs. 1,800 on hotels and Rs. 700 on flights), as well as 45GB of free data from Vodafone across a five month period.

Simplify your smartphone buying decision with the Nokia 6, available exclusively at Amazon India. Packed with features such as 5.5 inch full HD display, 16MP back camera, 8MP front camera, octa-core processor, dual speakers, fingerprint sensor and more, make this your next smartphone by shopping at Amazon.in.

How to Manually install OnePlus 5 OxygenOS 4.5.8

oneplus 5

Download OnePlus 5 OxygenOS 4.5.8

  • OxygenOS 4.5.8 OTA for OnePlus 5 – Coming Soon
  • OxygenOS 4.5.8 Full ROM for OnePlus 5 – Download Here

Install OnePlus 5 OxygenOS 4.5.8 Update
1. Visit this link and download the OxygenOS 4.5.8 full ROM and save the ZIP file on your phone.

2. Now Navigate to Phone Settings > System Updates > Settings Icon > Local Upgrade & Select the ROM File

3. Once selected system would prompt upgrade now

4. Select upgrade now and the system would reboot into stock recovery and flash the ROM file.

5. The installer would itself flash the ROM and reboot the device.

Now your phone will reboot and your OnePlus 5 is now running on the latest OxygenOS 4.5.8 firmware & OS based on 7.1.1 Nougat.