Deep into Android Bluetooth Bug Hunting: New Attack Surfaces and Weak Code Patterns | allinfosecnews.com

March 31, 2023, 7:30 p.m. | Black Hat

Black Hat www.youtube.com

In the past few years, researchers have found hundreds of security vulnerabilities in the AOSP Bluetooth module such as Blueborne and BlueFrag. Almost all of these vulnerabilities are caused by the process not properly validating the remote user-supplied data, when parsing the Bluetooth request packet.In this context, in order to improve the security of Bluetooth, Google has adopted a variety of hardening methods:1. Validate the length of incoming Bluetooth packets.2. Implement a new and more secure AVRCP profile.3. Rewrite Bluetooth …

android aosp attack bluetooth bug bug hunting code context data google hardening hunting length order packet packets parsing patterns process profile request researchers rust security vulnerabilities

More from www.youtube.com / Black Hat

Startup Spotlight Competition at Black Hat 2 days, 5 hours ago | www.youtube.com

bhusa blackhat cybersecurity infosec +1

Locknote: Conclusions and Key Takeaways from Day 2 3 weeks ago | www.youtube.com

black hat black hat europe board board members +15

Locknote: Conclusions and Key Takeaways from Day 1 3 weeks ago | www.youtube.com

black hat black hat europe board board members +16

Keynote: My Lessons from the Uber Case 3 weeks ago | www.youtube.com

addition best practices case convicted +16

Keynote: Industrialising Cyber Defence in an Asymmetric World 3 weeks, 1 day ago | www.youtube.com

adversaries challenge cyber cyber defence +10

The Black Hat Europe Network Operations Center (NOC) Report 3 weeks, 1 day ago | www.youtube.com

back black hat black hat europe center +14

My Invisible Adversary: Burnout 3 weeks, 5 days ago | www.youtube.com

adversary attackers attacks burnout +11

The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 3 weeks, 5 days ago | www.youtube.com

analysis ask bad codeql +10

A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 3 weeks, 6 days ago | www.youtube.com

attacks call cloudflare detection +10

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Security Engineer II- Full stack Java with React

@ JPMorgan Chase & Co. | Hyderabad, Telangana, India

View on infosec-jobs.com

Cybersecurity SecOps

@ GFT Technologies | Mexico City, MX, 11850

View on infosec-jobs.com

Senior Information Security Advisor

@ Sun Life | Sun Life Toronto One York

View on infosec-jobs.com

Contract Special Security Officer (CSSO) - Top Secret Clearance

@ SpaceX | Hawthorne, CA

View on infosec-jobs.com

Early Career Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts

View on infosec-jobs.com