Security Alerts & News
by Tymoteusz A. Góral

History
#1248 Hackers hijack a big rig truck’s accelerator and brakes
When cybersecurity researchers showed in recent years that they could hack a Chevy Impala or a Jeep Cherokee to disable the vehicles’ brakes or hijack their steering, the results were a disturbing wakeup call to the consumer automotive industry. But industrial automakers are still due for a reminder that they, too, are selling vulnerable computer networks on wheels—ones with direct control of 33,000 pounds of high velocity metal and glass.

At the Usenix Workshop on Offensive Technologies conference next week, a group of University of Michigan researchers plan to present the findings of a disturbing set of tests on those industrial vehicles. By sending digital signals within the internal network of a big rig truck, the researchers were able to do everything from change the readout of the truck’s instrument panel, trigger unintended acceleration, or to even disable one form of semi-trailer’s brakes. And the researchers found that developing those attacks was actually easier than with consumer cars, thanks to a common communication standard in the internal networks of most industrial vehicles, from cement mixers to tractor trailers to school buses.
Read more
#1254 New attack steals SSNs, e-mail addresses, and more from HTTPS pages
#1253 Hacker compromises Fosshub to distribute MBR-hijacking malware
#1252 Bitcoin value falls off cliff after $77M stolen in Hong Kong exchange hack
#1251 SMiShing and the rise of mobile banking attacks
#1250 FBI's hacking tool found to have compromised dozens of computers in Austria
#1249 Google patches dozens of critical Qualcomm components flaws
#1248 Hackers hijack a big rig truck’s accelerator and brakes
#1247 Data of 200 nillion Yahoo users pops up for sale on the Dark Web
#1246 Hackers break into Telegram, revealing 15 million users’ phone numbers
#1245 Cloud storage provider Backblaze really likes the reliability of the new 8TB drives
#1244 Bitfinex bitcoin exchange offline after potentially costly security breach
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12