Tuesday, 21 July 2015

Windows Security Breach Forces Microsoft to Release an Emergency Update

Microsoft has issued an emergency security update to patch vulnerability in several versions of Windows including the upcoming Windows 10. The security vulnerability was highlighted by an email unearthed post the hacking attack on the Italian Surveillance vendor Hacking Team.

The cybersecurity firm Hacking Team appears to have itself been the victim of a hack, with documents that purport to show it sold software to repressive regimes being posted to the company’s own Twitter feed. The Italy-based company offers security services to law enforcement and national security organisations. It offers legal offensive security services, using malware and vulnerabilities to gain access to target’s networks. Hacking Team is known for exposing zero-day vulnerabilities, the loopholes in software which are unknown to the vendor. The loopholes are further exploited by the clients to discreetly inject the target with their software. As a matter of fact, the researchers have also found out several zero-days in the deluge of leaked e-mails since last month.

Jeep Cherokee vulnerable to attack over the internet - taking control of car and killing the engine!

The Jeep Cherokee is vulnerable to remote cyberattack that allows hackers to take control. Photograph: NRMA Motoring and Services/Flickr

Security experts are urging owners of Fiat Chrysler Automobiles vehicles to update their onboard software after hackers took control of a Jeep over the internet and disabled the engine and brakes and crashed it into a ditch.

A security hole in FCA’s Uconnect internet-enabled software allows hackers to remotely access the car’s systems and take control. Unlike some other cyberattacks on cars where only the entertainment system is vulnerable, the Uconnect hack affects driving systems from the GPS and windscreen wipers to the steering, brakes and engine control.

The Uconnect system is installed in hundreds of thousands of cars made by the FCA group since late 2013 and allows owners to remotely start the car, unlock doors and flash the headlights using an app.

Full details http://www.theguardian.com/technology/2015/jul/21/jeep-owners-urged-update-car-software-hackers-remote-control