Security News

Law enforcement authorities in France, in collaboration with Spain and Latvia, have disrupted a cybercrime ring that leveraged a hacking tool to steal cars without having to use a physical key fob. "The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away," Europol said in a press statement.

Europol this week said it has arrested 31 people in a crackdown on a car-theft ring that developed and used a technique to steal keyless vehicles. The thieves were apparently able to update or manipulate the cars' software so that the doors could be opened and engine started without needing the owner's wireless keyfob.

Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller that could be abused by an unauthenticated, remote attacker to take control of an affected system. "An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials."

Researchers from the University of Oxford published details of a vulnerability in the Combined Charging System that has the potential to abort charging. The Combined Charging System is one of the plethora of standards in the EV charging world, and allows DC fast charging.

Global wireless 5G connections have reached 438 million by the third quarter of 2021 and are on pace to exceed 540 million by the end of the year, according to data from Omdia, said 5G Americas. According to the most recent data from Omdia, the world added 72 million 5G connections between Q2 and Q3 of 2021, increasing 19.6% from 366 million to 438 million, reflecting a downward re-statement of connections from Q2. At this pace of growth, 5G is expected to more than double the number of connections in 2020 and is forecast to reach 540 million globally by the end of the calendar year.

The European Commission has taken action to improve the cybersecurity of wireless devices available on the European market. The delegated act to the Radio Equipment Directive adopted today aims to make sure that all wireless devices are safe before being sold on the EU market.

On Wednesday, Verizon's Visible - an all-digital, uber-cheap wireless carrier - confirmed what customers have been complaining about on Reddit and Twitter all week: They lost control of their accounts; had their passwords and shipping addresses changed; and some got stuck with bills for pricey new iPhones. Visible is aware of an issue in which some member accounts were accessed and/or charged without their authorization.

A newly discovered data exfiltration mechanism employs Ethernet cables as a "Transmitting antenna" to stealthily siphon highly-sensitive data from air-gapped systems, according to the latest research. Dubbed "LANtenna Attack," the novel technique enables malicious code in air-gapped computers to amass sensitive data and then encode it over radio waves emanating from Ethernet cables just as if they are antennas.

Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for most of its enterprise networking portfolio. The most severe of the critical bugs is an unauthenticated remote-code-execution and denial-of-service bug, affecting the Cisco Catalyst 9000 family of wireless controllers.

The National Security Agency has published a new document to provide a series of recommendations on how governmental agencies in the United States can mitigate the cybersecurity risks associated with the use of wireless devices in public settings. The NSA points out that securing devices for the use of public Wi-Fi hotspots is not enough, as their Bluetooth and Near Field Communications functions require similar attention as well.