ICYMI: Hacking into cars, Chinese cyber-espionage and Siri's security flaw

The latest ICYMI column looks at the week's biggest stories, including hacking into cars, Chinese cyber-espionage and the take-down of thousands of French websites.

ICYMI: Hacking into cars, Chinese cyber-espionage and Siri's security flaw
ICYMI: Hacking into cars, Chinese cyber-espionage and Siri's security flaw

2 million cars vulnerable to USB dongle attack

A security researcher has discovered that more than two million US-made cars could be attacked via insecure USB dongles.

Speaking at the S4 conference in Miami last week, Digital Bond Labs researcher Corey Thuen detailed how US-based Progressive Insurance has been handing out insecure USB dongles to its customers, with these vulnerable to data theft and a remote access attack, where hackers could potentially access some of a car's functions.

UK cyber-security firms join Cameron for 'controversial' US trip

A select band of UK cyber-defence companies accompanied David Cameron on a controversial visit to Washington - as the PM lobbied President Obama on rolling back data encryption and sought to get US tech companies to do more to block terrorist content.

The 12 UK firms, specialists rather than ‘household names', were discussing joint R&D proposals and met potential customers in the US finance, commercial and government sectors. They included firms such as Darktrace, Cambridge Intelligence and Digital Shadows.

Chinese cyber-spies accused of stealing IP on US fighter jet

The Chinese government allegedly stole the designs of a US fighter jet, according to the latest leaked documents from NSA whistle-blower Edward Snowden.

China's Shenyang J-31 Falcon Eagle fifth-generation fighter copies major design elements from the F-35

The German newspaper Der Spiegel, which has close links to Snowden, claims in a new report that China stole up to 50 terabytes of data on the F-35 fighter jet, which is the most expensive defence project in US history.

The stolen information is said to have included radar systems data, engine schematics, heat contour maps and the designs to cool exhaust gases.

Islamic hackers exploit CMS flaws on 'thousands' of French websites

Tens of thousands of French websites have been hacked in the aftermath of last week's Charlie Hebdo terrorist attack, which left 20 people dead.

In an interview on Thursday, Admiral Arnaud Coustilliere, head of cyber-defence for the French military, said that 19,000 French websites had faced cyber-attacks since the 7 January attack against members of the satirical magazine, while Sky News reported that the websites Le Figaro, Le Parisien, France Info and L'Express were temporarily offline. 

However, a source later told SC that hacking groups from Tunisia, Syria, Morocco and the Middle East were infecting thousands of websites after scanning these for WordPress, Joomla and other common CMS vulnerabilities.

Siri voice commands can be used to steal iPhone data

Researchers have discovered a way to smuggle data out of Apple iPhones inside the Siri voice system.

The so-called ‘information-hiding' attack has been developed by Italian researcher Luca Caviglione and Polish professor Wojciech Mazurczyk to alert security experts to this growing way of hacking mobile devices.

In a paper publicised in the January issue of IEEE's magazine, the duo say their ‘iStegSiri' attack enables criminals to bypass the Apple iOS operating system's traditional strong security by hijacking Siri.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US