Security Alerts & News
by Tymoteusz A. Góral

History
#1239 The Jeep hackers are back to prove car hacking can get much worse
Almost exactly a year ago, Chrysler announced a recall for 1.4 million vehicles after a pair of hackers demonstrated to WIRED that they could remotely hijack a Jeep’s digital systems over the Internet. For Chrysler, the fix was embarrassing and costly. But now those two researchers have returned with work that asks Chrysler and the automotive industry to imagine an alternate reality, one where instead of reporting their research to the automaker so it could be fixed, they had kept working on it in secret—the way malicious hackers would have. In doing so, they’ve developed a new hack that offers a sobering lesson: It could have been—and still could be—much worse.

At the Black Hat security conference later this week, automotive cybersecurity researchers Charlie Miller and Chris Valasek will present a new arsenal of attacks against the same 2014 Jeep Cherokee they hacked in 2015. Last year, they remotely hacked into the car and paralyzed it on highway I-64—while I was driving in traffic. They were even able disable the car’s brakes at low speeds. By sending carefully crafted messages on the vehicle’s internal network known as a CAN bus, they’re now able to pull off even more dangerous, unprecedented tricks like causing unintended acceleration and slamming on the car’s brakes or turning the vehicle’s steering wheel at any speed. “Imagine last year if instead of cutting the transmission on the highway, we’d turned the wheel 180 degrees,” says Chris Valasek. I can imagine. But he spells it out anyway. “You wouldn’t be on the phone with us. You’d be dead.”
Read more
#1243 Firefox 48 released with multi-process support, mandatory add-on signing
#1242 Users alerted after Disney forum is breached
#1241 Black Hat conference updates app to address privacy and social engineering concern
#1240 Intrusive applications: 6 security issues to watch out for in hooking
#1239 The Jeep hackers are back to prove car hacking can get much worse
#1238 Ringleader of global network behind thousands of online scams arrested in Nigeria
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12