#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Automotive Security | Breaking Cybersecurity News | The Hacker News

Category — Automotive Security
Smart Mobility has a Blindspot When it Comes to API Security

Smart Mobility has a Blindspot When it Comes to API Security

Mar 29, 2023 API Security / Automotive Security
The emergence of smart mobility services and applications has led to a sharp increase in the use of APIs in the automotive industry. However, this increased reliance on APIs has also made them one of the most common attack vectors. According to Gartner, APIs account for 90% of the web application attack surface areas.  With no surprise, similar trends are emerging also in the smart mobility space. A recent  Automotive and Smart Mobility Cybersecurity Report  by Upstream Security indicates that the automotive and smart mobility ecosystem has seen a 380% increase in API-based incidents in 2022, compared to 2021. Additionally, APIs accounted for 12% of total cyber incidents in 2022, up from only 2% in 2021.  When examining smart mobility applications and services, Upstream's threat intelligence team reported that black-hat actors were found to be behind 53% of incidents, indicating malicious intent as the driving force of the majority of API-related attacks. The imp...
Millions of Vehicles at Risk: API Vulnerabilities Uncovered in 16 Major Car Brands

Millions of Vehicles at Risk: API Vulnerabilities Uncovered in 16 Major Car Brands

Jan 09, 2023 Automotive Security
Multiple bugs affecting millions of vehicles from 16 different manufacturers could be abused to unlock, start, and track cars, plus impact the privacy of car owners. The  security vulnerabilities  were found in the automotive APIs powering Acura, BMW, Ferrari, Ford, Genesis, Honda, Hyundai, Infiniti, Jaguar, Kia, Land Rover, Mercedes-Benz, Nissan, Porsche, Rolls Royce, Toyota as well as in software from Reviver, SiriusXM, and Spireon. The flaws run a wide gamut, ranging from those that give access to internal company systems and user information to weaknesses that would allow an attacker to remotely send commands to achieve code execution. The research builds on earlier findings from late last year, when Yuga Labs researcher Sam Curry et al  detailed  security flaws in a connected vehicle service provided by SiriusXM that could potentially put cars at risk of remote attacks. The most serious of the issues, which concern Spireon's telematics solution, could have...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Expert Insights / Articles Videos
Cybersecurity Resources