Car hacking again… now at high speed!

Not even a week has passed since I was writing about “Not yet worried about vehicle hacking? You should be!” and we see in the news that at Blackhat that exactly this is happening. At BlackHat USA this week, the security researchers Charlie Miller and Chris Valasek are scheduled to present their latest findings in the world of car hacking. Again ! Miller and Valasek have already made names for themselves last year with the dramatic hacking of Jeep Cherokee, a interfering with its entertainment system, engine and brakes, while it was being driven down a busy highway at 70mph. Fiat Chrysler announced…


Not yet worried about vehicle hacking? You should be!

  As a matter of fact, it is not only vehicles that can be hacked, actually any IoT device can be hacked. AV-Test.org published this paper about vulnerabilities in the fitness wristbands and Apple Watch, which shows how they tested and how secure the devices are. However, a hack of these IoT devices is not as dangerous as hacking a vehicle. I am not saying that they don’t matter, on the contrary. This is why I am mostly interested in vehicles: hacking can be dangerous and it is, with manufacturer’s permission at least, to improve their security.   According to the RSA…


IT Security News has its own Android App

I have finally found the time to make the app I always wanted to have for the “IT Security News” service.   Here is the page on Google’s Play Store: And the screenshots of the app:       Right now it is available only on Android devices, soon it will be available in the Apple’s Appstore.   Help me spread the word about it so that I can have some downloads 😉 Thanks.


How to get rid of Pokemons in your Facebook feed

Short version For those who are really, really, pissed off: Install FB Purity: http://www.fbpurity.com/ Open the FB Purity Facebook app by clicking on the word “FBP” near the search bar. Write in the main screen the word “pokemon” Save the configuration Enjoy your Pokemon free feed   Longer version Go and install FB Purity from http://www.fbpurity.com/install.htm. This means that you need to install an extension for your browser. F.B. Purity is compatible with the following web browsers: Firefox, Google Chrome, Safari, Opera and Maxthon, running on Windows, Mac, Linux. Open the FB Purity Facebook app by clicking on the word “FBP” near…


Social engineering at its best: ransomware delivery methods

I wrote already about Ransomware (and here), but in a more generic way as I will do now. From me to me, with the subject “Documents from work” is the subject of a new Locky ransomware. Attached is a Word document containing macros. In the document (which is actually an archive) is a file called  word\vbaProject.bin. That file seems to be the trigger that downloads the ransomware binary.   This is the link to the VirusTotal detection: https://virustotal.com/en/file/28ba8362af69958964bf8d7e23664cddc625e67b55ff5d5e95e9feef74158e96/analysis/1469020147/ At the moment of writing this post, 30/53 engine detect it.   My goal is not to analyze here the ransomware, but the delivery….


What’s the deal with a PhD?

I found long time ago this animated GIF on the Internet and now I managed to download it. I don’t know who created it, so I can’t give credit to anyone. Why I post this here? Because it matters and because it is exactly my experience which I like to share. Not many know, but I have been part of the PhD program of the Politehnica University Bucharest in Romania for 5 years, immediately after graduating the same university’s Computer Science faculty (field: Software Engineering). My diploma was related to Distributed Systems as well, namely about how to use CORBA…


BMW and cybersecurity

Not a month passes without seeing some major car manufacturer that has cybersecurity issues. This month we have seen made public a report from February 2016 related to BMW. The short story   The BMW ConnectedDrive Web portal was found to contain a vulnerability that could result in a compromise of registered or valid vehicle identification numbers, Vulnerability Lab warns. The security bug, affecting the BMW ConnectedDrive online service web-application, is a VIN (Vehicle Identification Number) session vulnerability, security researcher Benjamin Kunz Mejri reveals. VIN, also known as chassis number, is a unique code used in the automotive industry to…


Web Services: SOAP vs REST

There is a permanent discussion going on and I have seen quite a lot of answers. SOAP (Simple Object Access Protocol) vs. REST (Representational State Transfer) Which one to use and when? Let’s see first the main characteristics of both: S.No SOAP REST 1. SOAP stands for Simple Object Access Protocol. REST stands for Representational State Transfer. 2. SOAP is a protocol. It defines some standards that should be followed strictly. REST is an architectural style. It doesn’t define so many standards like SOAP. 3. SOAP is highly secure as it defines its own security. REST inherits security measures from the…


Ransomware: Prevention is the best solution

Ransomware is malicious software that denies you access to your computer or files until you pay a ransom. There are several types of ransomware that are commonly seen: files/folders encryptors screen ‘lockers‘ MBR ransomware (MBR: master… The post Ransomware: Prevention is the best solution appeared first on Improve Your Security. Want to get the book ? Get it from here: Improve your Security”


VPNMentor.com: Cybertalk with IT security expert Sorin Mustaca

Cybertalk with IT security expert Sorin Mustaca   vpnMentor has had the privilege of talking with Sorin Mustaca, a Certified IT consultant with over 15 years of experience in IT security, and author of “Improve Your Security”, a guide for the common end user that deals with the question of how to beware of cyber threats on the individual level.   By Ditsa Keren, 16/06/2016 Content Can you tell us a little bit about your background in IT security? With so many new threats and with the fast development of hacking technologies, how can an anti-virus stay up to date…


By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close