It has been reported that there are 14 vulnerabilities in BMW’s vehicles that allow remote hacks that could affect drivers’ control of the vehicles, according to a new report from Keen Security Lab. The vulnerabilities were found in the location tracking systems; infotainment systems, including voice recognition services; and, in some cases, malicious hacks could be launched using “serious vulnerabilities” in the USB interfaces.
Cisco Systems warned yesterday that hackers have infected at least 500,000 routers and storage devices in dozens of countries with highly sophisticated malicious software, possibly in preparation for another massive cyber attack on Ukraine in a bid to disrupt the Champions League final in Ukraine’s capital. The malware, which has been called VPNFilter by Cisco, could be used for espionage as well as to destroy the devices that it has infected.
Tenable quantifies decisive security metric in determining overall Cyber Exposure
COLUMBIA, Md., LONDON (May 24, 2018) — Tenable®, Inc., the Cyber Exposure company, released a new research report today that quantifies the window of opportunity cybercriminals have to weaponize vulnerabilities. The research found that cybercriminals have a median seven-day window of opportunity during which they can exploit a vulnerability to attack their victims, potentially siphoning sensitive data, launching ransomware attacks and causing extensive financial damage before organizations even take the first step to determine their Cyber Exposure and whether they are at risk.
Earlier today, Cisco Talos identified an advanced state-sponsored network of at least 500,000 infected home office/small office routers and storage devices preparing for a destructive global attack. According to reports, this is one of the largest networks of coordinated infected devices ever seen, it shares commonalities with attacks that the US Government has attributed to Russian entities and the Ukraine is one of the most heavily infected countries.
Today Cisco warned that hackers have infected at least 500,000 routers and storage devices in dozens of countries with highly sophisticated malicious software, possibly in preparation for another massive cyber-attack on Ukraine. Cisco’s Talos cyber intelligence unit is saying that the Russian government is behind a campaign, dubbed VPNFilter, where the hacking software shares code with malware used in previous cyber-attacks that the U.S. government has attributed to Moscow.
In response to the news that more than half a million routers and network devices in 54 countries have been infected with sophisticated malware and could be used to launch a destructive attack on Ukraine, I have the following comments from security researchers at Imperva:
It has been reported that Chinese security researchers have found 14 vulnerabilities in the on-board compute units of BMW vehicles, some of which can be remotely exploited to compromise vehicle functions. The flaws are said to exist in three interconnected modules: the car’s “Infotainment System (a.k.a Head Unit), Telematics Control Unit and Central Gateway Module.”
A new study from Javvad Malik, security advocate for AlienVault®, that took into account the views of over 750 infosecurity professionals amidst a privacy regulation and scandal backdrop the likes of which has never been seen before. The report, entitled Re-Thinking Security in the Privacy Era, found that while the majority (61%) of professionals felt the General Data Protection Regulation (GDPR) will protect EU citizens, almost 17% thought that GDPR was too little, too late. Other findings included: