Second Triton/Trisis critical infrastructure attack spotted
SC Magazine – A second attack against a critical infrastructure target has been launched using the Triton/Trisis custom attack framework.
Is your car at risk of a cyber attack?
What Car? – Cars are smarter than ever. Many can now let you do everything from dictating text messages to helping you find available parking spaces as you approach an unfamiliar city. There’s a potential downside to all this technology that you might not have considered, though: as soon as you use the sat-nav or Bluetooth or link your smartphone to your car, you’re automatically sharing a lot of information with it. And that information could be open to abuse or theft.
How companies can improve their vulnerability disclosure proces
Cyberscoop – John Sheehy, VP of Strategy for IOActive, talks with Greg Otto on the changes around coordinated vulnerability disclosure.
‘Memsad’ software rot threatens to leak your digital secrets
The Parallax – VANCOUVER—If coding and updating software is like building and maintaining a house, one might say software that leaks passcodes is like a home with a rotting foundation—but you don’t know it. Ilja van Sprundel, the director of penetration testing at security research company IOActive, says he’s detected a significant amount of rot in the foundation of a wide swath of commonly used software code.
Hackers reveal how to trick a Tesla into steering towards oncoming traffic
ZDNet – A team of hackers has managed to trick the Tesla Autopilot feature into dive-bombing into the wrong lane remotely through root control and a few stickers. Researchers from Tencent Keen Security Lab published a report this week (.PDF) on their findings, which shows how the Tesla Autopilot system engine control unit (ECU) can be abused through root security weaknesses in software version 18.6.1 to gain remote control of a Tesla Model S steering wheel.