Multiple active exploits could affect iPhone use of Bluetooth.
The Flipper Zero hacker tool could be used to trigger an iPhone DDoS attack using the kind of Bluetooth signals used by AirPods, HomeKit accessories, etc. These signals usually trigger a popup on the iPhone that offers to connect to headphones or perform other actions. Crafting these signals in a specific way could result in an iOS restart.
The newly discovered BLUFFS attack could be used to impersonate devices and trigger disclosure of private information. It is not yet clear whether AirDrop is affected by this attack, as it uses more than just Bluetooth to authenticate the device. However, it is still possible to hijack audio or other Bluetooth connections. A fix would require device manufacturers to modify the security mechanisms of the Bluetooth stack.
"Kids' Code" bill passed in California. This bill requires apps to be kid-safe by default.
A Californian bill colloquially known as the Kids’ Code has been unanimously passed by the State Senate, following earlier approval by the State Assembly. It now requires the signature of Gov. Gavin Newsom to take effect.
Apps should have guardrails for users under 18. This requirement might affect application features, and age verification might be required for more sections of an app.
Okta, a single sign-on provider, was recently hacked. Clients using Okta for authentication are at risk.
After a thorough analysis of these claims, we have concluded that a small percentage of customers — approximately 2.5% — have potentially been impacted and whose data may have been viewed or acted upon. We have identified those customers and are contacting them directly. If you are an Okta customer and were impacted, we have already reached out directly by email. We are sharing this interim update, consistent with our values of customer success, integrity, and transparency.