At Black Hat, hacks of voting machines, satellites, pacemakers – and more to come
SiliconANGLE – In the heat of the desert summer, when the annual cybersecurity circus known as Black Hat comes to Las Vegas, no industry or technology is safe. Flaws are found, vulnerabilities are identified, fixes are issued (or not) and life in the digital world goes perilously onward.
Embedded System Flaws Put Airlines at Risk, Researchers Reveal
eWEEK – Today’s topics include IOActive announcing research showing embedded systems exposing airlines to risk, and Arista agreeing to pay Cisco Systems $400 million in a patent settlement. According to IOActive researchers, multiple systems on modern airliners are potentially at risk from a series of vulnerabilities. These flaws expose supply chain risks, where an embedded software technology puts a larger platform at risk.
Popular platforms have ‘major vulnerabilities’ to data theft
Citywire – Some of the UK’s most popular trading platforms have ‘major vulnerabilities’ to data theft and the sector generally lags far behind the banks in terms of user security, researchers have warned. Security consultant IOActive came to the conclusion after reviewing 16 desktop apps, 34 mobile apps and 30 websites over the course of more than a year’s research. While the house focused on the most popular US platforms, many offer sister apps in the UK Google Play store.
Satellite Flaws Raise Aviation Fears
Infosecurity – Security researchers have revealed new vulnerabilities in satellite communication and on-board operating systems with potentially critical safety implications for the aviation and maritime industries. IOActive’s Ruben Santamarta authored the first paper, launched at Black Hat yesterday, which is a follow-up to his 2014 research on satcom vulnerabilities.
IoT malware found hitting airplanes’ SATCOM systems
HelpNetSecurity – In 2014, IOActive researchers revealed security vulnerabilities they found in the most widely deployed satellite communications terminals and presented potential scenarios attackers could exploit once SATCOM systems have been compromised in the aviation, maritime, and military sectors. In 2018, they demonstrated that some of these theoretical scenarios are, unfortunately, still actually possible.