10 matches found
EUVD-2017-8599
Malware in sbrugna...
Online portal exposed car and personal data, allowed anyone to remotely unlock cars
A carmaker’s online dealership portal has been found leaking the private information and vehicle data of its customers. This also meant that anyone with access could remotely break into a car. Researcher Eaton Zveare shared his discovery with TechCrunch. Although he said he has chosen not to...
PT-2025-25420 · Unknown · Kia-Branded Aftermarket Generic Smart Keyless Entry System
Name of the Vulnerable Software and Affected Versions: KIA-branded Aftermarket Generic Smart Keyless Entry System versions 2022 through 2025 Description: The issue is related to the use of fixed learning codes in the Key Fob Transmitter, which allows a replay attack. This affects KIA vehicles in...
PT-2022-23693 · Mazda · Mazda Vehicles
Name of the Vulnerable Software and Affected Versions: Mazda vehicles affected versions not specified Description: The issue concerns the Remote Keyless Entry RKE receiving unit, which allows remote attackers to perform unlock operations and force a resynchronization after capturing three...
Bluetooth Flaw Allows Remote Unlocking of Digital Locks
Locks that use Bluetooth Low Energy to authenticate keys are vulnerable to remote unlocking. The research focused on Teslas, but the exploit is generalizable. In a video shared with Reuters, NCC Group researcher Sultan Qasim Khan was able to open and then drive a Tesla using a small relay device...
CVE-2017-17435
An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization request,...
CVE-2017-17435
An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization request,...
Amazon Promises Fix to Stop Key Service Hack
Researchers at Rhino Security Labs identified a flaw in Amazon’s Key delivery service and Cloud Cam security camera that allows a rogue courier to tamper with the camera and knock it offline, making it appear no one is entering home, when that’s not the case. Amazon Key service allows homeowners ...
New Ransomware Variant "Nyetya" Compromises Systems Worldwide
Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues.Update 2017-07-06 12:30 EDT: Updated to explain the modified DoublePulsar backdoor.Since the SamSam attacks that targeted US...
Gone in Less Than a Second
LAS VEGAS–Do not let Samy Kamkar near your car. Kamkar has built a new device that is about the size of a wallet and can intercept the codes used to unlock most cars and many garage doors. The device can be hidden underneath a vehicle and when the owner approaches and hits the unlock button on he...