EUVD-2015-5564

Malware in sbrugna...

Hackers to implement remote control of Model S car Tesla emergency repair software vulnerabilities-vulnerability warning-the black bar safety net

Beijing Time 9 on 2 1 September morning news, Tesla released this week, the electric car software system security patches. Earlier, the Chinese information security researcher found a Tesla car software vulnerabilities. Through these vulnerabilities, hackers can The Model S car to initiate a remo...

Tesla Fixes 'Critical' Remote Hack Vulnerability

Several models of the Tesla S cars were hacked by researchers who were able to abruptly stop the car in its tracks, pop open the trunk while the car was being driven, and remotely turn on and off the windshield wipers. The hacks demonstrated by China’s Keen Security Lab, a division of Tencent, we...

On Pokemon and Privacy, Riffle, the Fiat Chrysler Bug Bounty Program, and More

Mike Mimoso and Chris Brook discuss the news of the week, including privacy and Pokemon GO, a new MIT anonymity system, the Fiat Chrysler bug bounty program, and a patched printer spooler vulnerability. Download: ThreatpostNewsWrapJuly152016.mp3 Music by Chris Gonsalves...

Fiat Chrysler Launches Bug Bounty with $1.5K Payout Cap

Hacking Jeeps is about to get a lot more competitive. That’s because Jeep maker Fiat Chrysler Automobiles has launched a bug bounty program in conjunction with Bugcrowd that will payout as much as $1,500 per bug. Fiat Chrysler, the world’s No. 7 automaker, claims it will be the first Detroit...

Car Hackers Could Face Life In Prison. That's Insane!

Yes, you heard it right. You can now end up your whole life behind bars if you intentionally hack into a vehicle's electronic system or exploit its internal flaws. Car Hacking is a hot topic. Today, many automobiles companies are offering cars that run mostly on the drive-by-wire system, which...

General Motors GM Vulnerability Disclosure Program

General Motors’ new vulnerability disclosure program puts it alongside Tesla as the only major automakers with a mechanism for security researchers to report flaws. Unlike Tesla’s program, however, GM’s does not offer a monetary reward. GM launched its program last week via the HackerOne platform...

Car Hacking ? Scary, But Now it’s REALITY!

Next time you find yourself hooked up behind the wheel, make sure that your car is actually in your control. Hackers are now able to break into hundreds of thousands of vehicles on the road. Car hacking is a hot topic today and until now it was performed only while researchers were hard-wired int...

Fiat Chrysler Recalls 1.4 million Cars After Software Bug is Revealed

A few days after issuing a patch and reassuring owners that the attack that shut down the transmission and other systems remotely on a Jeep was not a huge risk, Fiat Chrysler has decided to recall nearly 1.5 million vehicles as a result of the bug exposed in the research. The recall is the result...

Fiat Chrysler Automobiles UConnect allows a vehicle to be remotely controlled

Overview Fiat Chrysler Automobiles FCA UConnect may allow a remote attacker to control physical vehicle functions. Description According to a WIRED news article, an unknown vulnerability in FCA UConnect software allows some functions of recent models of Jeep Cherokee to be controlled by a remote...

Fiat Chrysler Automobiles Uconnect Remote Elevation of Privilege Vulnerability

Fiat Chrysler Automobiles Uconnect is a suite of in-car information systems from Fiat Chrysler Automobiles FCA in the United States. An unspecified vulnerability exists in Fiat Chrysler Automobiles Uconnect 15.26.1. A remote attacker on the same mobile network could exploit this vulnerability by...

CVE-2015-5611

Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles FCA from 2013 to 2015 models, allows remote attackers in the same cellular network to control vehicle movement, cause human harm or physical damage, or modify dashboard settings via vectors related ...

Authorization

Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles FCA from 2013 to 2015 models, allows remote attackers in the same cellular network to control vehicle movement, cause human harm or physical damage, or modify dashboard settings via vectors related ...

CVE-2015-5611

Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles FCA from 2013 to 2015 models, allows remote attackers in the same cellular network to control vehicle movement, cause human harm or physical damage, or modify dashboard settings via vectors related ...

CVE-2015-5611

CVE-2015-5611 covers a missing authentication vulnerability in FCA Uconnect infotainment systems (Uconnect 8.4AN/RA3/RA4) used in 2013–2015 FCA vehicles. The root cause is unauthenticated access allowing remote commands via the entertainment-system firmware and CAN bus due to insufficient Radio s...

Harman-Kardon Uconnect Vulnerability

OVERVIEW This advisory is a follow-up to the ICS-ALERT titled ICS-ALERT-15-203-01 FCA Uconnect VulnerabilityICS-CERT ALERT, https://ics-cert.us-cert.gov/alerts/ICS-ALERT-15-203-01, web site last accessed September 17, 2015. that was published July 22, 2015, on the NCCIC/ICS-CERT web site. Chris...