News

A brief history of software vulnerabilities in vehicles (Update 2023)

Updated in 2023 with the findings of Sam Curry, "Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More":

Kia, Honda, Infiniti, Nissan, Acura
- Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the VIN number
- Fully remote account takeover and PII disclosure via VIN number (name, phone number, email address, physical address)
- Ability to lock users out of remotely managing their vehicle, change ownership
- For Kia's specifically, we could remotely access the 360-view camera and view live images from the car

Mercedes-Benz
- Access to hundreds of mission-critical internal applications via improperly configured SSO, including:
  - Multiple GitHub instances behind SSO
  - Company-wide internal chat tool, ability to join nearly any channel
  - SonarQube, Jenkins, misc. build servers
  - Internal cloud deployment services for managing AWS instances
  - Internal vehicle-related APIs
- Remote Code Execution on multiple systems
- Memory leaks leading to employee/customer PII disclosure, account access

Hyundai, Genesis
- Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the victim email address
- Fully remote account takeover and PII disclosure via victim email address (name, phone number, email address, physical address)
- Ability to lock users out of…


People have started to read more about security!

Remember my free eBook “Improve your security”, available for free at https://www.improve-your-security.org? It looks like I have started to get more customers since the Corona pandemic. There are almost 1000 readers! Go ahead and download your copy for free: https://www.improve-your-security.org/download/


How to stay safe when being exclusively online

EN: https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_final.pdf
DE: https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_de.pdf
RO: https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_ro.pdf

More here: https://www.europol.europa.eu/activities-services/public-awareness-and-prevention-guides/make-your-home-cyber-safe-stronghold

Recommendations:
- Wi-Fi: always change the default router password
- Install antivirus software on all devices connected to the internet
- Choose strong and different passwords for your email and social media accounts
- Review your apps’ permissions and delete those you don’t use
- Back up your data and run regular software updates
- Secure electronic devices with passwords, PIN or biometric information
- Review the privacy settings of your social media accounts

Online shopping safety tips:
- Buy from reliable online vendors and check individual ratings
- Think twice: if an offer sounds too good to be true, it probably is
- Use credit cards when shopping online for stronger customer protection
- Check your bank account often for suspicious activity

DO NOT:
- Reply to suspicious messages or calls
- Open links and attachments in unsolicited emails and text messages
- Share your bank card details or personal financial information
- Buy things online that seem to be sold out everywhere else
- Send money upfront to someone you don’t know
- Share news that doesn’t come from official sources
- Make donations to charities without double-checking their authenticity
…


Interview in sputniknews.com: Expert on phone hacks: how you can protect yourself

Expert on phone hacks: how you can protect yourself
TECHNOLOGY, 14:04 04.02.2020, by Bolle Selke

The USA hack the phone of Chancellor Angela Merkel and Saudi Arabia that of Amazon boss Jeff Bezos? So do only celebrities have to worry about their smartphone? No, says IT expert Sorin Mustaca in this interview, and explains how you can protect yourself.

Read the original here: https://de.sputniknews.com/technik/20200204326418590-handy-hacks-schutz/

– Mr Mustaca, it is logical that people like Jeff Bezos or Angela Merkel have to worry about the security of their mobile phone communication, but does one also have to think about it as a private individual?

– “I think so. The money or the advantages one gets from a private individual are just as good as those from other sources. One must not forget that each of us leads a dual life: as a private person and as a business person, whether as an employee or as a self-employed person. One part of life influences the other; that is always the case. The information somebody has about our private life therefore also influences our business life.”

– Again and again…


Malicious emails sent in German on behalf of the Post

German users are receiving a lot of such spam these days. It is about a package whose transport costs (2 €) have allegedly not been paid. The user is invited to visit a page where he can pay this amount.

Track your package: DE3428632-19
STATUS: PROCESSING – DISTRIBUTION CENTRE BERLIN – Transport costs OF 2,00 € were not paid
DELIVERY AFTER PAYMENT
PAY DELIVERY COSTS

Needless to say, this is not the usual way packages are handled, so those who sent the spam have no idea how things work. The link goes to a page delivering a malicious payload.

This is how the email looks:

Observe the items marked in blue. The spammers are either lacking skills, or they think that the users are idiots, or they are idiots themselves. The body of the email is one single line of Base64-encoded text. It appears to be sent from an AWS account.

Received: from domain.com (ec2-52-193-124-80.us-west-1.compute.amazonaws.com [35.181.165.41]) by mx.google.com with ESMTP id d8si40042704pgv.61.2019.07.23.01.00.43 for ; Fri, 24 Jan 2020 12:43:25 -0500 (EST)
Received: from smtp.J51G83V9.org (enr2-mrelay-01.ad4123fb38497b9631680eea23dbd0b2.org. ) by mx.google.com with ESMTP id t6si5997511qvm.25.2019.02.12.06.38.06 for ; Fri, 24 Jan 2020 12:43:25 -0500 (EST)
Received: from pdr8-services-05v.prod.J51G83V9.org (HELO…


Products of big security companies flagged as deceptors by AppEsteem

AppEsteem maintains the Deceptor list, a list of programs that do not respect its requirements. Most of the time the deceptor list contains emerging products that want to make $$$ very fast by using some gray-area techniques. I personally have never seen a product of any established company in this list.

To my surprise, while working on the VB Conference paper described in the previous post, I saw two products there:

Avast Driver Updater, since August 5. A number of AV companies are already blocking the installer/app from running:
- Dr.Web
- ESET
- K7
- Malwarebytes
- Panda
- Sophos
- Trend Micro
- VirIT
- Webroot
- Microsoft

AVG TuneUp Premium, since June 4th. A number of AV companies are already blocking the installer/app from running:
- AegisLab
- BitDefender
- Emsisoft
- GData
- Ikarus
- Symantec
- Microsoft

They are both violating ACR-004.

ACR-004: App offers an ongoing subscription service, but does not offer free fixes for the free scan results shown. For a Driver Update utility, it can ask for a one-time fix payment, but not a term-based service payment.

If we look at the submission dates, it is clear that these are no mistakes: they are business models, and the companies are not…


My presentation “Challenges for young anti-malware products today” accepted at the Virus Bulletin 2019 Conference in London

I am happy to inform everybody that my presentation “Challenges for young anti-malware products today” was accepted at the Virus Bulletin 2019 Conference in London. This is the abstract:

“There are two categories of anti-malware vendors:
- Established anti-malware vendors, who are preoccupied with getting the best scores in detection tests and capturing more market share.
- Emerging anti-malware vendors, who are trying to understand what they need to do in order to enter the market.

This paper is about the second category of companies: those who are trying to enter the market either because they have identified a small market segment which they think they can serve, or simply because they’ve heard they can make some easy money. None of these emergent companies actually know what it takes to make a ‘real’ anti-virus product. They try to enter the market by creating some software that detects malware using a third-party scanning engine and soon realize that things are much more complicated than estimated: they face a multitude of problems they don’t understand and realize that there are more who want to see them fail than who are able and willing to help them. In this paper I will discuss some of…


Interview with the SafetyDetective.com

“Aviva Zacks of Safety Detective sat down with cybersecurity expert Sorin Mustaca. She learned that his company is helping to both educate customers and provide them with solutions to combat cyberthreats.”

Read the entire text here: https://www.safetydetectives.com/blog/interview-sorin-mustaca/

Safety Detective has made it to the “In the news” page.


At Infosec London this week

I am going to be visiting Infosecurity London from Tuesday to Thursday this week. If you are one of my friends or customers and you are around, ping me and we could meet. I am planning to attend the (ISC)2 Member Reception on Wednesday afternoon.

Meet me at #Infoseclondon: https://www.infosecurityeurope.com/

Click here to register: https://www.infosecurityeurope.com/en/visit/
Click here to see the programme: https://www.infosecurityeurope.com/en/conference/
Look here for my company’s consulting and OEM offers: http://www.mustaca.com


Sextortion with “real” data – Do not pay!

If you have received an email with the subject “Yuor password – ”, don’t freak out immediately. Yes, “yuor” is misspelled, but this is how the fraudsters wrote it, not the author of this article.

The fraudsters have used a dump of email addresses and passwords from some hacked website where you registered with that email address and password. So, yes, they are real. The email is pretty convincing, and if you don’t stop to think about it, you might be inclined to actually believe that it is true. But it isn’t… it is just an automated email, generated from the list of recent dumps made public. You can see more details for yourself here: https://haveibeenpwned.com/. I recommend entering your email address there as well; you will then receive notifications if your email appears in some dumps.

How to recognize these scams

Let’s have a short look at this email, so that you know how to recognize them in the future:

1. No fraudster would write his/her real name and email address. A simple search on the “From” of this email shows a normal person, whose email might have been hacked.
2. Look at the language:…

