Security News > 2016 > February > Insecure APIs allow anyone to mess with Nissan LEAF electric car (Help Net Security)

A vulnerability in the mobile app used to interact with Nissan LEAF, a popular electric car, can be exploited by remote, unauthenticated attackers to switch the car’s AC and heating system on and off, but also to extract details about the owner’s journeys, security researcher Troy Hunt has demonstrated. The weakness rests in the fact that the app interacts with the car via APIs that require no authentication to be accessed, and can therefore be … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/JeadfZAMrRA/