Security News

The integration of mobile communications, infotainment, geo-location, and emergency monitoring systems render cars as a connected device within a distributed mesh of different data services. As manufacturers increase levels of system automation on the journey to fully autonomous vehicles, the volume of data generated and consumed by our vehicles will grow exponentially, as will the complexity of the code base on which the car depends.

This is part one of a two-part series on how hackers stole $2 million in cryptocurrency. There is one strong commonality with all these incidents and attacks: The hackers want the funds in cryptocurrency.

Tom Merritt tells us the things that are getting in the way of autonomous car adoption. Here are five autonomous car road blocks we need to overcome.

Police are investigating an electrical vehicle company in China following claims that car data was tampered with following a fatal collision. On August 12, 31 year old Lin Wenqin was using the driver assistance feature on his Nio ES8 when he was involved in a fatal car crash.

A major vulnerability affecting older versions of BlackBerry's QNX Real-Time Operating System could allow malicious actors to cripple and gain control of a variety of products, including cars, medical, and industrial equipment. BlackBerry QNX technology is used worldwide by over 195 million vehicles and embedded systems across a wide range of industries, including aerospace and defense, automotive, commercial vehicles, heavy machinery, industrial controls, medical, rail, and robotics.

BlackBerry this week issued a critical security advisory for past versions of its QNX Real Time Operating System, used in more than 175m cars, medical equipment, and industrial systems. BlackBerry QNX Software Development Platform version 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 are affected by an integer overflow vulnerability in the calloc() function of the C runtime library.

Black Hat: Researchers created 300 fake identities, signed them up on 185 legit sites, then tracked how much the sites used signup PII to pester the accounts. Researchers created 300 fake identities, signing them up on 185 legitimate websites ranging from Target to Fox News, with each identity used on a single website.

Car manufacturers require reliable connectivity and cybersecurity solutions to bring more convenience and secure services for drivers, passengers and automotive players. To build securely connected solutions and meet the requirements of new regulations such as UNECE WP29 , car makers can rely on Thales.

TechRepublic's Karen Roby spoke with Eric Sivertson and J.P. Singh of Lattice, a global semiconductor company, about cyberattacks in cars. Things are changing, and it's so important when it comes to cars that we keep up with security, because the thought of someone being able to just take over a car remotely, it's a pretty scary thought.

Following an eight-month audit of the code in the latest infotainment system in Mercedes-Benz cars, security researchers with Tencent Security Keen Lab identified five vulnerabilities, four of which could be exploited for remote code execution. In addition to targeting the main infotainment head unit, the security researchers also analyzed Mercedes-Benz's T-Box, successfully exploited some of the identified attack scenarios, and even combined some of them to compromise the head unit even in real-world vehicles.