Technology

Senator Asks Automakers About Cyber Security, Privacy Plans

Cyber attacks on so-called “connected vehicles” are still in the proof of concept stage. But those proofs of concept are close enough to the real thing to prompt an inquiry from U.S. Senator Ed Markey, who sent a letter to 20 major auto manufacturers asking for information about consumer privacy protections and safeguards against cyber attacks in their vehicles. Markey’s letter, dated December 2, cites recent reports of “commands…sent through a car’s computer system that could cause it to suddenly accelerate, turn or kill the breaks,” and references research conducted by Charlie Miller and Chris Valasek on Toyota Prius and Ford Escape. That research was presented in an August demonstration at the DEFCON hacking conference in Las Vegas. [For more on the security threats facing connected vehicles, check out this link.] “Today’s cars and light trucks contain more than 50 separate electronic control units (ECUs), connected through a controller area network […]

Continue Reading

Two Million Passwords Stolen From Facebook, Twitter, ADP

The passwords to access more than two million online accounts have been recovered from a server that is part of the command and control network for the Pony botnet, a large and active network of infected computers, according to a blog post from the security firm Trustwave. The company said that it found a cache of approximately two million compromised accounts, most from popular online services such as Facebook, Yahoo, Google and Twitter. More concerning: the cache also contained tens of thousands of credentials for FTP (File Transfer Protocol) servers, remote desktop and secure shell (SSH) accounts, and a site belonging to ADP, the payments processing firm. Facebook accounts made up the lion’s share of the haul, with 318,121 user credentials discovered – 57% of the total. Yahoo was the next biggest victim, with 59,549, almost 11% of the total. Leading Russian social networking sites vk.com and odnoklassniki.ru were also in […]

Continue Reading

The French Disconnection: Radio Gun Stops Smart Cars In Their Tracks

You could call it “The Death of the Car Chase.” According to the BBC, a UK company, E2V is demonstrating the RF Safe-Stop, a 350 KG (770 lb) device that can shoot RF (radio frequency) pulses at moving vehicles,  “confusing” the vehicle’s electronic systems and causing its engine to shut off, stranding both vehicle and driver. E2V’s Safe-Stop product is intended for use as a non-lethal weapon for the military and law enforcement and is marketed as a tool for “checkpoint enhancement,” “convoy protection” and “vehicle immobilisation” (sp). According to this BBC report, the device acts like a small radar transmitter, directing a beam of radio pulses (identified elsewhere as L and S-Band RF pulses) that saturate the wiring that connects the vehicles on board systems. Those pulses confuse the engine control unit and cause it to reset, stopping the vehicle. Safe-Stop sends a continuous stream of pulses to keep the ECU confused […]

Continue Reading

BitCoin’s Popularity Is Undermining Promises of Anonymity

The virtual currency Bitcoin has soared in value against the U.S. dollar in recent months, topping out a staggering $913 USD to 1 Bitcoin (or BTC) as of late Tuesday. The currency had many ups and downs since it was launched in January 2009. But its main attraction, all along, has been anonymity. Unlike any other online payment system, Bitcoin transactions – like cash transactions – cannot be traced back to specific individuals. Also like cash, they cannot be reversed. Both those factors give Bitcoin users the confidence that their online purchasing activity – whether computer hardware or contraband will remain private. But a group of researchers at two U.S. universities have released a paper that suggests reports of Bitcoin’s anonymity may (to paraphrase Twain) “be greatly exaggerated.” Specifically: the researchers found that, by culling a variety of open source data using public data from the Bitcoin Peer to Peer network and from […]

Continue Reading

The Security Week In Review: Same Breach, Different Day

It’s the end of another week and, as has become a pattern, we’re weighing the impact of  another massive data breach: this one at Cupid Media, the owner of a network of dating web sites. According to a report on Krebsonsecurity.com, data on some 40 million Cupid Media customers turned up on the same servers that were found holding data stolen from Adobe Inc., PR Newswire and other victims. To get a handle on the impact of this breach and others like it, I invited Ted Julian, the Chief Marketing Officer of CO3 Systems, to talk about the recent string of embarrassing breaches and how companies go wrong (and sometimes right) in responding to them. Co3 sells a service that helps companies structure their response to data breaches and other adverse incidents. We also took the time to talk about the recent FTC Workshop on security and privacy on The […]

Continue Reading
1 53 54 55 56 57 64