ICT Security-Sécurité PC et Internet
87.1K views | +0 today
Follow
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

VW bugs: "Unpatchable" remote code pwnage | #IoT #Cars #CyberSecurity #CyberAttacks 

VW bugs: "Unpatchable" remote code pwnage | #IoT #Cars #CyberSecurity #CyberAttacks  | ICT Security-Sécurité PC et Internet | Scoop.it
From techbeacon.com - May 3, 2018 8:46 AM

VW bugs: "Unpatchable" remote code pwnage


Two security researchers have excoriated Volkswagen Group for selling insecure cars. As in: hackable-over-the-internet insecure.

They broke into a recent-model VW and an Audi, via the cars’ internet connections, and were able to jump from system to system, running arbitrary code. Worryingly, they fully pwned the unauthenticated control bus connected to some safety-critical systems—such as the cruise control.

But VW has no way to push updates to its cars, and won’t alert owners to visit a dealer for an update.

Yes, it’s the internet of **** again: Potentially safety-critical bugs caused by the conflict between convenience and security. In this week’s Security Blogwatch, we prefer classic, analog vehicles.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Globfinity War…

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Cars

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=iot

 

Gust MEES's insight:

VW bugs: "Unpatchable" remote code pwnage


Two security researchers have excoriated Volkswagen Group for selling insecure cars. As in: hackable-over-the-internet insecure.

They broke into a recent-model VW and an Audi, via the cars’ internet connections, and were able to jump from system to system, running arbitrary code. Worryingly, they fully pwned the unauthenticated control bus connected to some safety-critical systems—such as the cruise control.

But VW has no way to push updates to its cars, and won’t alert owners to visit a dealer for an update.

Yes, it’s the internet of **** again: Potentially safety-critical bugs caused by the conflict between convenience and security. In this week’s Security Blogwatch, we prefer classic, analog vehicles.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Globfinity War…

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Cars

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=iot

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Volkswagen Cars Open To Remote Hacking, Researchers Warn | #CyberSecurity #Cars #IoT #Vulnerabilities #CyberAttacks

Volkswagen Cars Open To Remote Hacking, Researchers Warn | #CyberSecurity #Cars #IoT #Vulnerabilities #CyberAttacks | ICT Security-Sécurité PC et Internet | Scoop.it
From threatpost.com - May 3, 2018 7:43 AM

Vulnerable in-vehicle infotainment systems have left some Volkswagen cars open to remote hacking, researchers warn.

 

Over the last few years, automakers like Ford, Jeep, Nissan and Toyota have all suffered car-hacking vulnerabilities in their vehicles. Now,  it looks like Volkswagen has been pulled into the mix after researchers discovered that in-vehicle infotainment (IVI) systems in certain Volkswagen-manufactured cars could be remotely hacked.

Not only that, but it’s possible to pivot to more critical systems.

The vulnerability was discovered in the Volkswagen Golf GTE and an Audi3 Sportback e-tron, which were both manufactured in 2015. Computest researchers Daan Keuper and Thijs Alkemade, who discovered the flaw, said that under certain conditions the IVI vulnerability could enable attackers to commandeer the on-board microphone to listen in on the conversations of the driver, turn the microphone on and off, and access the system’s complete address book and the conversation history. There is also a possibility of hackers tracking the car through the navigation system at any given time, they said.

A Volkswagen spokesperson told Threatpost that the vehicles impacted are those produced with Discover Pro infotainment systems – Golf GTE and Audi A3 e-tron.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Cars

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=iot

 

Gust MEES's insight:

Vulnerable in-vehicle infotainment systems have left some Volkswagen cars open to remote hacking, researchers warn.

 

Over the last few years, automakers like Ford, Jeep, Nissan and Toyota have all suffered car-hacking vulnerabilities in their vehicles. Now,  it looks like Volkswagen has been pulled into the mix after researchers discovered that in-vehicle infotainment (IVI) systems in certain Volkswagen-manufactured cars could be remotely hacked.

Not only that, but it’s possible to pivot to more critical systems.

The vulnerability was discovered in the Volkswagen Golf GTE and an Audi3 Sportback e-tron, which were both manufactured in 2015. Computest researchers Daan Keuper and Thijs Alkemade, who discovered the flaw, said that under certain conditions the IVI vulnerability could enable attackers to commandeer the on-board microphone to listen in on the conversations of the driver, turn the microphone on and off, and access the system’s complete address book and the conversation history. There is also a possibility of hackers tracking the car through the navigation system at any given time, they said.

A Volkswagen spokesperson told Threatpost that the vehicles impacted are those produced with Discover Pro infotainment systems – Golf GTE and Audi A3 e-tron.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Cars

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=iot

 

more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn