#EncryptionFlaws

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

by

April 24, 2024 at 05:45AM Security vulnerabilities in cloud-based pinyin keyboard apps, discovered by Citizen Lab, could expose users’ keystrokes to exploitation. Weaknesses found in apps from major vendors affect close to one billion users. Critical flaws in encryption protocols allow adversaries to decrypt keystrokes passively. Most vendors have addressed the issues, but users are … Read more

New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks

by

December 4, 2023 at 08:36AM New BLUFFS vulnerabilities, detailed in CVE-2023-24023 with a 6.8 CVSS score, compromise Bluetooth Classic’s forward and future secrecy by enabling adversaries to impersonate devices and intercept communications between paired devices. Researchers suggest mitigation by using secure connection modes and sufficient key entropy. Key Takeaways from the Meeting on Bluetooth Vulnerability … Read more