vulnerabilities

A brief history of software vulnerabilities in vehicles (Update 2023)

Updated in 2023:

2023: Sam Curry: Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More

Kia, Honda, Infiniti, Nissan, Acura
– Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the VIN number
– Fully remote account takeover and PII disclosure via VIN number (name, phone number, email address, physical address)
– Ability to lock users out of remotely managing their vehicle, change ownership
– For Kia’s specifically, we could remotely access the 360-view camera and view live images from the car

Mercedes-Benz
– Access to hundreds of mission-critical internal applications via improperly configured SSO, including…
  – Multiple GitHub instances behind SSO
  – Company-wide internal chat tool, ability to join nearly any channel
  – SonarQube, Jenkins, misc. build servers
  – Internal cloud deployment services for managing AWS instances
  – Internal Vehicle related APIs
– Remote Code Execution on multiple systems
– Memory leaks leading to employee/customer PII disclosure, account access

Hyundai, Genesis
– Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the victim email address
– Fully remote account takeover and PII disclosure via victim email address (name, phone number, email address, physical address)
– Ability to lock users out of…


Security release 4.2.4 for WordPress is available – update now

This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site. Read more here: https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/

WordPress 4.2.4 also fixes four bugs. For more information, see the release notes or consult the list of changes.

If your site is already on WordPress 4.x and is properly configured, you should only see this email in your inbox:

Howdy! Your site at http://www.sorinmustaca.com has been updated automatically to WordPress 4.2.4.

No further action is needed on your part. For more on version 4.2.4, see the About WordPress screen: http://www.sorinmustaca.com/wp-admin/about.php

If you experience any issues or need support, the volunteers in the WordPress.org support forums may be able to help. https://wordpress.org/support/

You also have some plugins or themes with updates available. Update them now: http://www.sorinmustaca.com/wp-admin/

The WordPress Team


Pwn2Own: Nothing is safe

The annual Pwn2Own hacking competition wrapped up its 2015 event in Vancouver with another 21 critical bugs in Firefox, Chrome, Safari, IE, Adobe Flash, Adobe Reader, and last, but definitely not least, the Windows operating system. For those who don’t know the contest, the name “Pwn2Own” is derived from the fact that contestants must “pwn” or hack the device in order to “own” or win it.

Chrome had both its stable and beta versions hacked in just two minutes. Google paid $75,000 for just one buffer overflow in Chrome which allows an attacker to bypass the sandbox.

Apple’s Safari was also hit: a use-after-free (UAF) vulnerability in an uninitialized stack pointer in the browser was used to bypass the sandbox for code execution.

Internet Explorer 11 64-bit was taken out with a time-of-check to time-of-use (TOCTOU) vulnerability allowing for read/write privileges. The attacker evaded all the defensive mechanisms by using a sandbox escape through privileged JavaScript injection, all of which resulted in medium-integrity code execution.

Mozilla Firefox was hit with an out-of-bounds read/write vulnerability leading to medium-integrity code execution.

A team of researchers showed their skills against Flash by using a heap overflow remote code execution vulnerability and then leveraging…


iOS 8 brings a lot of security updates

You must have heard of the brand new version of iOS which was released yesterday: iOS v8. While the media is still considering and reconsidering their recommendations for each device on whether or not you should upgrade, here are my reasons to update my iPad 3rd generation. I don’t have an iPhone anymore; I am an Android user now with my great Galaxy Note 3.

Apple published, as usual, the security release notes in their KB http://support.apple.com/kb/HT6441. The list of vulnerabilities fixed is too long to describe here, but here is a summary:
– a series of kernel flaws,
– several WebKit bugs
– vulnerabilities that allowed a user to install apps outside of the App Store

Most critical: the way that the OS implemented 802.1x. For those who don’t know what that is, 802.1x is the protocol behind any wireless network. In some cases, the flaw could enable an attacker to steal a user’s WiFi credentials. Here is what Apple says:

Impact: An attacker can obtain WiFi credentials

Description: An attacker could have impersonated a WiFi access point, offered to authenticate with LEAP, broken the MS-CHAPv1 hash, and used the derived credentials to authenticate to the intended access point even if…

