Updated in 2023: 2023: Sam Curry: Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More Kia, Honda, Infiniti, Nissan, Acura Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the VIN number Fully remote account takeover and PII disclosure via […]
A lot is happening in the Automotive industry these days. It has to do with connectivity, autonomous driving, autonomous parking, and so on. All these have one thing in common: they are producing extremely large amounts of data which needs to be processed in the backend by very powerful computers. When we talk connectivity, we […]
Security researchers from China-based tech company Tencent have identified a series of vulnerabilities that can be exploited to remotely hack an unmodified Tesla Model S while it’s parked or on the move. The researchers managed to perform various actions. While the vehicle was parked, the experts demonstrated that they could: control the sunroof, the turn […]
Not even a week has passed since I was writing about “Not yet worried about vehicle hacking? You should be!” and we see in the news that at Blackhat that exactly this is happening. At BlackHat USA this week, the security researchers Charlie Miller and Chris Valasek are scheduled to present their latest findings in the world […]
As a matter of fact, it is not only vehicles that can be hacked, actually any IoT device can be hacked. AV-Test.org published this paper about vulnerabilities in the fitness wristbands and Apple Watch, which shows how they tested and how secure the devices are. However, a hack of these IoT devices is not as dangerous […]
Not a month passes without seeing some major car manufacturer that has cybersecurity issues. This month we have seen made public a report from February 2016 related to BMW. The short story The BMW ConnectedDrive Web portal was found to contain a vulnerability that could result in a compromise of registered or valid vehicle […]
I ended part 2 with the promise that we will discuss about : 2) Intrusion detection and prevention systems (IDS/IPS or IDPS) From Wikipedia: Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion […]
I wrote in the first part of this article about Detection, Protection, Remediation and I stopped at the part where we analyze what kind of security products do you need in the car of tomorrow. 1)The classical antivirus We know it to be used mostly for files. But it can much more than that. a) Files There are […]
I didn’t actually want to write such a post, but several press releases drew my attention. So, the competition to protect the car has begun. Big players are now on the hunt for customers. But, when you talk to customers like Daimler, VW, BMW, Nissan and others, the discussions will take a while. I will maintain the list […]
Note: This is going to be a somehow longer article which I will finish in a couple of related posts. A security product is a program that Prevents that malware enters the system Detects if previously unknown malware is running on the system Remediates the actions of detected malware on the system Note that it […]
