CareerInfoSecurity: Gone in 30 Seconds: Kia Hack Unveiled
CareerInfoSecurity | Gunter Ollmann, IOActive Chief Technology Officer, was featured in a piece from CareerInfoSecurity discussing a recent breach in online services from carmaker Kia that allowed attackers to unlock doors & start engines in Kia automobiles. ‘Cars have been a favorite target for security researchers as software and electronic control units dominate what once were purely analog machines. Smartphone apps capable of controlling core vehicle functionality “expose those traditional physical functions to the communication and security frailties of internet protocols and applications,” said Gunter…
BankInfoSecurity: US Pushes Ban on Chinese, Russian Tech in Connected Vehicles
BankInfoSecurity | John Sheehy, IOActive Senior Vice President Research and Strategy, was recently featured in a piece from BankInfoSecurity discussing the White House administration’s decision to take steps “to ban Chinese connected vehicle hardware and software from reaching the U.S. market, warning Monday of escalating foreign threats to the information and communications technology supply chain.” “The proposed regulation will significantly improve vehicle cybersecurity in the U.S. by mitigating supply chain threats from known adversaries like China, according to John Sheehy, senior vice president of research…
CTRL, ALT, HACKED Podcast: “Sinkclose” Bug Impacting AMD Chips & Gamers. Krzysztof Okupski, IOActive.
Cybercrime Magazine Podcast | CTRL, ALT, HACKED | Check out this recent CTRL, ALT, HACKED podcast featuring research from IOActive Principal Security Consultants, Krzysztof Okupski and Enrique Nissim, on a vulnerability in AMD chips called Sinkclose. “The “Sinkclose” bug is a critical vulnerability impacting AMD chips across hundreds of millions of PCs and servers, and – as a result – possibly gamers. In this episode, Krzysztof Okupski, Principal Security Consultant at IOActive, joins host Paul John Spaulding to discuss.”
Error Code Podcast: Performing Security Assessments on ICS systems
Error Code Podcast | Check out this Error Code Podcast featuring Don Weber, IOActive Senior Principal Security Consultant, sharing his experience with industrial control systems (ICS), suggestions on improvements to keep ICS safe, and why to follow the SANS best practices for ICS security.
‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections
WIRED | “Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades.” Check out this piece from WIRED featuring research from IOActive Principal Security Consultants, Enrique Nissim and Krzysztof Okupski, on a vulnerability in AMD chips called Sinkclose.