Security Alerts & News
by Tymoteusz A. Góral

History
#1287 A new wireless hack can unlock 100 million volkswagens
In 2013, when University of Birmingham computer scientist Flavio Garcia and a team of researchers were preparing to reveal a vulnerability that allowed them to start the ignition of millions of Volkswagen cars and drive them off without a key, they were hit with a lawsuit that delayed the publication of their research for two years. But that experience doesn’t seem to have deterred Garcia and his colleagues from probing more of VW’s flaws: Now, a year after that hack was finally publicized, Garcia and a new team of researchers are back with another paper that shows how Volkswagen left not only its ignition vulnerable but the keyless entry system that unlocks the vehicle’s doors, too. And this time, they say, the flaw applies to practically every car Volkswagen has sold since 1995.

Later this week at the Usenix security conference in Austin, a team of researchers from the University of Birmingham and the German engineering firm Kasper & Oswald plan to reveal two distinct vulnerabilities they say affect the keyless entry systems of an estimated nearly 100 million cars. One of the attacks would allow resourceful thieves to wirelessly unlock practically every vehicle the Volkswagen group has sold for the last two decades, including makes like Audi and Škoda. The second attack affects millions more vehicles, including Alfa Romeo, Citroen, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot.
Read more
#1291 Bluetooth hack leaves many smart locks, IoT devices vulnerable
#1290 An ATM hack and a PIN-pad hack show chip cards aren’t impervious to fraud
#1289 Copperhead OS: The startup that wants to solve Android’s woeful security
#1288 Shade: not by encryption alone
#1287 A new wireless hack can unlock 100 million volkswagens
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12