Saturday, 31 January 2015

Hack of BMW’s Connected Drive system can send remote unlocking instructions to vehicles



A security vulnerability in BMW’s Connected Drive system allowed researchers to imitate BMW servers and send remote unlocking instructions to vehicles.

The problem was discovered by the Allgemeiner Deutscher Automobil-Club (ADAC), a German motoring association, and was verified on several models of BMW cars.

The attack took advantage of a feature that allows drivers who have been locked out of their vehicles to request remote unlocking of their car from a BMW assistance line.

“They were able to reverse engineer some of the software that we use for our telematics,” said Dave Buchko , a BMW spokesman. “With that they were able to mimic the BMW server.

http://www.pcworld.com/article/2878437/bmw-cars-found-vulnerable-in-connected-drive-hack.html

Monday, 26 January 2015

Google reveals Apple OS X Zero-Day Flaws




Google reveals Apple OS X Zero-Day Flaws

Project Zero team said that the flaws could lead to a successful attempt to elevate privilege levels and take over a machine.

The public disclosure follows the recent revealing of bugs in Microsoft Windows. However, the OS X vulnerabilities require an attacker to have access to a targeted Mac to execute such an attack.

The first flaw is OS X networkd effective_audit_token XPC type confusion sandbox escape, and is unsandboxed but runs as its own user.

It is reachable from many sandboxes, including the Safari WebProcess and ntpd, plus all those which allow system-network.

The second is OS X IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator and the third is OS X IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice.