Security News

Many companies have no mechanism to deal with a common problem: when users open accounts using someone else's email address, either by accident or design. The problem is not only that email addresses are easily spoofed - mitigated by mechanisms like SPF and DKIM - but that they also lack any robust process by which organisations collect email details.

Sadly, continued attacks against healthcare and medical infrastructure will probably lead to serious consequences going into 2021. While there have been no known attacks against over-the-air updates to vehicle software, it will become a growing concern as more manufacturers adopt the technology.

Researchers at the University of Leuven in Belgium found vulnerabilities in the keyless entry system of the Tesla Model X that would have allowed attackers to steal the $100,000 car within just a few minutes. The security bugs allowed taking full control of the key fob and of the car by remotely updating the Tesla Model X's BLE chip with specially crafted firmware.

Tens of researchers showcased their work last week at the DEF CON hacking conference. They presented research on hacking phones, cars, satellite communications, traffic lights, smart home devices, printers, and popular software services, among many others.

A UK man who woke up one morning to discover his bank account being charged for satnav services linked to a car he'd sold months previously has expressed his frustration at Mazda and TomTom over the strange affair. His vehicle included a dashboard-mounted in-car entertainment suite powered by TomTom, which later proved to be the source of some strange goings-on that cost him money and made him fear that his personal data had been saved by the car and was now allowing someone else to bill him for the in-car satnav.

A woman accused of setting fire to two Philadelphia police cars during a May 30 protest was tracked down by her online buying-habits and reviews, a social media sweep, and a poor username choice, the FBI has claimed. In an affidavit spotted by Seamus Hughes, deputy director of the Program on Extremism at George Washington University, FBI Special Agent Joseph Carpenter details the data trail that led agents to Lore-Elisabeth Blumenthal, 33.

Japanese car maker Honda has been hit by ransomware that disrupted its production of vehicles and also affected internal communications, according to reports. Some Honda factories around the world were forced to suspend production, though output from Turkey, India, USA and Brazil locations remain on hold at the time of writing.

Hackers could remotely interfere with a connected vehicle and disrupt safety critical systems and functions including the engine, brakes, and steering wheel, causing the driver to lose control. As drivers crave more personalization and customization features, vehicles will be even more connected and will need the ability to host and process in-vehicle updates safely.

Vulnerabilities in Lexus and Toyota cars could be exploited by hackers to launch remote attacks against affected vehicles, researchers at China-based Tencent Keen Security Lab discovered. Research into the AVN system in the 2017 Lexus NX300 - the same system is also used in other models, including LS and ES series - has revealed security issues with the Bluetooth and vehicular diagnosis functions on the car.

A suspected meth dealer is off the hook for at least one of the charges he's facing: that he "Stole" the GPS device that police stuck on his car to track his movements. So police applied for warrants to search both Heuring's home and his father's barn, where they suspected that Heuring had put the GPS device.