attack

automotive, General September 24, 2015

Where PC security and Automotive security meet

I visited yesterday the IAA in Frankfurt. IAA stands for International Automobile Exhibition and takes place every year in Frankfurt, Germany. This is the place where every year the latest cars are being presented but also the newest technologies around cars. This year it was a lot about mobility, interaction, autonomous parking and driving, interconnectivity between cars and IoT. I addressed more the car parts suppliers than the car manufacturers. For us it was more interesting to get involved in the devices that are easily and directly attackable. Things like entertainment systems, connected devices of the car, GPS devices,etc.. Challenges: Nobody from the car manufacturers or car parts suppliers wants to openly speak about security. Speaking about security is like causing “bad luck” on them. Why speaking about something that nobody wants to happen? 🙂 The most used argument by the car components suppliers was: “Why would anyone hack us/our device? They don’t have anything to gain.”   About security in the car Here is the list of things that can happen if a device in the car, or a car, is hacked: Accidents can be caused if the car detects that the speed limit is 50 KMH, a hacker…

No Image

security March 28, 2013

The anatomy of a live attack from China

I am maintaining a free service that provides IT Security news called ITSecurity News. Some time ago, it was called URLAggregator. It does nothing else than aggregate various IT news websites, selects IT security news and republishing them in the name of the original authors. I was asking myself why I get so much traffic on this website without having real visitors. So, I installed the free edition of the WordPress plugin Wordfence in order to study who visits my website. The results were… surprizing.   90% of the traffic was Spiders, Bots, Crawlers from Google, Baidu, 8% of the traffic were attempts to register an account like the one below:    Shanghai, China left http://urlaggregator.net/ and landed on http://urlaggregator.net/forum/member/register 1 hour 19 mins ago   IP: 112.111.160.79 [block] Browser: IE version 6.0 running on WinXP Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;) 2% real visitors checking either the website or the RSS feed This is how an attack from these IP ranges looks like: 112.111.160.0 – 112.111.160.255 222.77.203.1 – 222.77.203.254 222.77.202.1 – 222.77.202.254                     After adding these rules in Advanced Blocking, the situation looked much better: Browser Pattern: Block visitors whos browsers match the pattern: crawler Browser Pattern: Block visitors…

%d bloggers like this: