Latest Hacking News | As drone technology becomes commonplace, managing drone security gets crucial. Researchers have demonstrated that in their recent study via EMFI (electromagnetic fault injection) side-channel attack against a commonly-used drone. Executing such attacks allows an attacker to gain complete control of the target drone.
DBusiness Magazine | escar USA, a conference focused on embedded security in cars is taking place June 20-22 at St. John’s Resort in Plymouth Township.
The conference brings together automotive cybersecurity professionals from industry, academia, and government organizations, including Josep Pi Rodriguez, principal security consultant at IOActive, who will be presenting his research on a sophisticated relay attack that would allow someone with physical access to a Tesla Model Y to unlock and steal it in a matter of seconds. The vulnerability involves what’s called an NFC relay attack and requires two thieves working in tandem.
SECURITY MANAGEMENT MAGAZINE | What if you could physically manipulate a high-quality drone to corrupt its memory, gain control of it, and potentially leak its data?
Security research firm IOActive put that theory to the test earlier this year when it conducted an experiment on DJI’s Mavic Pro that was detailed in a whitepaper published Monday.
Risky Biz News | Drone security research: New research from IOActive shows that unmanned aerial vehicles are vulnerable to electromagnetic fault injection (EMFI) attacks that can allow a threat actor to run malicious code even if the drone is running up-to-date firmware. The attack was successfully tested against a DJI Mavic Pro drone, but in theory, it should work on other vendors and models as well.
gbhackers.com | Based on the recent reports by IOActive, Drones, also called Unmanned Aerial Vehicles (UAVs), are vulnerable to code injection, which would result in gaining complete access to the firmware and core functionality of the drone.
Drones have been used in many industries like aviation, agriculture, and law enforcement. They are often operated remotely, which offers an attack surface for threat actors to gain control over them.
weforum.org | This monthly round-up brings you key cybersecurity stories from the past month. Top cybersecurity news: US faces huge cyber-espionage campaign; Big British firms hit by cyberattacks on outsourcing suppliers; Highest AI cyberthreat will stem from deep fakes, says Microsoft’s Brad Smith.
securityweek.com | New research shows the potential of electromagnetic fault injection (EMFI) attacks against unmanned aerial vehicles, with experts showing how drones that don’t have any known vulnerabilities could be hacked.
The research was conducted by IOActive, a company specializing in cybersecurity research and assessments. The security firm previously found vulnerabilities affecting cars, ships, Boeing and other airplanes, industrial control systems, communication protocols, and operating systems.
International Business Times | “State-of-the-art” cyber security lab opens in Cheltenham, with a primary focus on testing the vulnerability of vehicles, private jets, aircraft engines and industrial system exposures against cyber attacks.
PUNCHL!NE | A purpose-built cybersecurity testing facility has opened in Bishop’s Cleeve.
The 5,200 sq ft is owned by IOActive, which operates in more than 30 countries around the world. The IOActive Hardware Lab is big enough to test how safe cars and small aircraft are from cyber-attacks, as reported by the BBC.
bbc.com | A cyber security laboratory big enough to test cars, private jets and aircraft engines has opened in Cheltenham. The facility is over 5,000 sq ft (464 sq metres) and is based near the UK’s intelligence agency GCHQ. The company behind it, IOActive, believes it is the first privately-owned lab of its size anywhere in the world.