News This Past Week

Researchers Find a Malicious Way to Meddle with Autonomous Cars
While automakers focus on defending the systems in their cars against hackers, there may be other ways for the malicious to mess with self-driving cars. Security researchers at the University of Washington have shown they can get computer vision systems to misidentify road signs using nothing more than stickers made on a home printer.
http://blog.caranddriver.com/researchers-find-a-malicious-way-to-meddle-with-autonomous-cars/

Can US senators secure the Internet of Things?
In an intriguing choice of words, the bill aims to specify what the regulators are calling “minimal cybersecurity operational standards” for IoT devices.
https://nakedsecurity.sophos.com/2017/08/03/can-us-senators-secure-the-internet-of-things/

New Legislation Could Force Security Into IoT
After years of warnings from security experts and researchers, the Internet of Things (IoT) remains fundamentally insecure. Now a group of senators has introduced bipartisan legislation to force vendors to ensure basic security within their IoT devices if they wish to sell into the government market.
http://www.securityweek.com/new-legislation-could-force-security-iot

Multiple vulnerabilities found in radiation monitoring gateways
Every now and then, a presentation at Black Hat throws up a security vulnerability that has been missed either because it exists in equipment researchers haven’t been paying attention to, or is simply inherently difficult to uncover.
https://nakedsecurity.sophos.com/2017/08/01/multiple-vulnerabilities-found-in-radiation-monitoring-gateways/

Bipartisan Group Proposes IoT Cybersecurity Improvement Act
U.S. Senators Mark Warner (D-VA), Cory Gardner (R-CO), Ron Wyden (D-WA), and Steve Daines (R-MT) have introduced the Internet of Things Cybersecurity Improvement Act of 2017, a new bill that seeks to ensure that IoT devices sold to the U.S. government meet security requirements.
http://www.tomshardware.com/news/bipartisan-iot-cybersecurity-improvement-act,35134.html

It’s 2017 and Hayes AT modem commands can hack luxury cars
A bunch of mid-age Ford, Infiniti, Nissan and BMW vehicles are carrying around a vulnerable chipset from Infineon that America’s ICS-CERT reckons is easy to exploit.
https://www.theregister.co.uk/2017/08/01/telematics_vulnerabilities_in_bmw_infiniti_ford_nissan/

Posted in Uncategorized.