The latest bug bounty program from an automobile manufacturer comes from Fiat Chrysler, more than a year after two white hat hackers proved that they could remotely compromise and take control of its popular selling vehicle, the Jeep Cherokee.
White hat hackers can now start picking away at cybersecurity flaws in the vehicle software embedded in Fiat Chrysler connected cars. The bounty program is specifically focused on the automaker’s fleet of connected vehicles, including the systems used within them as well as the applications and external services that are connected to them.
The bounty reward is relatively small compared to the bug bounties offered by the likes of [...]
SpiderLabs, a team of ethical hackers that fights cybercrime, recently posted a blog about a recent zero day offer to attack Windows that demonstrates how such offerings are marketed and becoming more common.
Zero day is a disclosed software vulnerability that hackers can exploit to attack computer programs, data, additional computers or a network, according to Wikipedia. SpiderLabs is a part of Trustwave, a company that helps businesses fight cybercrime, protect data and reduce security risk.
SpiderLabs notified Microsoft about the zero day offering and continues to monitor the situation. The blog is titled, “Zero Day Auction for the Masses.”Cyber Crime [...]
The technique the FBI used to unlock an Apple iPhone used in the San Bernardino, Calif. terror attack cannot be used on new devices, FBI Director James Comey told students at Kenyon College in Ohio recently, according to AppleInsider.com.
Comey did not reveal the process the FBI used to unlock the phone, but he said it would not work on the 6S or the 5S. He said the tool only works on a “narrow slice of phones.”Will The Technique Be Revealed?
Comey was noncommittal regarding Apple’s request to reveal the method the bureau used to unlock the phone. He said he is concerned about the FBI losing the access it currently possesses.
Since announcing its success [...]
A new variant of the dreaded Android-based Stagefright bug has been successfully exploited by security researchers who showed a proof-of-concept of phone getting hacked remotely. The newly discovered Stagefright bug affects users running Android Lollipop, versions 5.0 and 5.1.
Israeli software security research company NorthBit has, in a detailed research paper, revealed that it has exploited the dreaded Stagefright Android bug which has, in the past, put a billion user devices at risk.
The complete research paper can be found here. [PDF]
The exploit, titled ‘Metaphor’ is shown running in a proof-of-concept video. The target is Google’s Nexus 5, a flagship device [...]