Information Security News mailing list archives
BMW patches security flaw that could have allowed hackers to unlock car doors
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 3 Feb 2015 10:04:42 +0000 (UTC)
http://mashable.com/2015/02/03/bmw-connecteddrive-locks/ By Rex Santus Mashable.com 2/3/2015BMW has mended a security flaw in its ConnectedDrive car connectivity system that affected 2.2 million cars, including Rolls-Royce and Mini cars, the company announced on Friday.
It concerned software in the car that would have allowed hackers to open car doors. It highlights a oft-voiced concern around connected home products — sometimes called the Internet of Things — that household items would become vulnerable to malware or hacking.
The update happens automatically, as soon as the vehicle connects to BMW's servers, and includes the addition of HTTPS — the secure version of hypertext transfer protocol — to data transmissions via the ConnectedDrive system.
A German automobile group called ADAC discovered the security flaw last year, opting to wait to disclose the discovery until BMW worked out a fix. The flaw has not been used in any attempted cyberattacks, according to both ADAC and BMW.
[...]
-- Evident.io - Continuous Cloud Security for AWS. Identify and mitigate risks in 5 minutes or less. Sign up for a free trial @ https://evident.io/
Current thread:
- BMW patches security flaw that could have allowed hackers to unlock car doors InfoSec News (Feb 03)