Head Topics

Hackers Could Remotely Unlock, Start Honda, Nissan, Infiniti, And Acura Cars Through SiriusXM | Carscoops

Brasil Notícia Notícia

Hackers Could Remotely Unlock, Start Honda, Nissan, Infiniti, And Acura Cars Through SiriusXM | Carscoops
Brasil Últimas Notícias,Brasil Manchetes
  • 📰 Carscoop
  • ⏱ Reading Time:
  • 45 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 21%
  • Publisher: 63%

Hackers Could Remotely Unlock, Start Honda, Nissan, Infiniti, And Acura Cars Through SiriusXM | Carscoops carscoops

It was discovered that SiriusXM was using a vehicle’s VIN to authorize commands and fetch user profiles. Hackers uncovered owners’ names, phone numbers, addresses, and car details and were also able to run vehicle commands simply by knowing the VIN of a car.BMW Owners Have Hacked Their Cars Before And This Heated Seat Subscription Might Cause Them To Again

Soon after discovering the vulnerability, Curry and his team reported the issue to SiriusXM who quickly patched it. “We take the security of our customers’ accounts seriously and participate in a bug bounty program to help identify and correct potential security flaws impacting our platforms,” a Sirius XM Connected Vehicle Services spokesperson told. “As part of this work, a security researcher submitted a report to Sirius XM’s Connected Vehicle Services on an authorization flaw impacting a specific telematics program. The issue was resolved within 24 hours after the report was submitted.

It returned “200 OK” and returned a bearer token! This was exciting, we were generating some token and it was indexing the arbitrary VIN as the identifier. To make sure this wasn’t related to our session JWT, we completely dropped the Authorization parameter and it still worked!

Resumimos esta notícia para que você possa lê-la rapidamente. Se você se interessou pela notícia, pode ler o texto completo aqui. Consulte Mais informação:

Carscoop /  🏆 306. in US

Brasil Últimas Notícias, Brasil Manchetes

Similar News:Você também pode ler notícias semelhantes a esta que coletamos de outras fontes de notícias.

SiriusXM Mulls Job, Cost Cuts in 2023 Amid Declining Ad Budgets, Auto Manufacturer DelaysSiriusXM Mulls Job, Cost Cuts in 2023 Amid Declining Ad Budgets, Auto Manufacturer DelaysThe SiriusXM CEO says the company aims to control costs while prioritizing a rebuild of its technology infrastructure in 2023.
Consulte Mais informação »

Hackers just stole LastPass data, but your passwords are safe | Digital TrendsHackers just stole LastPass data, but your passwords are safe | Digital TrendsLastPass has suffered its second security breach in just a few months as hackers made off with data, but luckily user passwords are safe and encrypted.
Consulte Mais informação »

Twitter Competitor Shuts Down App When It Turns Out Hackers Can Read Users' Private MessagesTwitter Competitor Shuts Down App When It Turns Out Hackers Can Read Users' Private MessagesTwitter alternative Hive Social has had to pull all of its servers offline in light of some serious security vulnerabilities.
Consulte Mais informação »

Hackers found a way to unlock, start cars through Sirius XM and Hyundai vulnerabilityHackers found a way to unlock, start cars through Sirius XM and Hyundai vulnerabilityA white hat hacker named Sam Curry recently uncovered some security vulnerabilities in new cars.
Consulte Mais informação »

Vatican Buzzing With Conspiracy Theories as Hackers StrikeVatican Buzzing With Conspiracy Theories as Hackers StrikeThe holy hack came just 24 hours after Pope Francis angered the Kremlin by singling out Chechens and Buryati troops within the military contingent invading Ukraine, leading to accusations of “race baiting” against the pontiff.
Consulte Mais informação »

San Diego Unified Targeted By Cyber HackersSan Diego Unified Targeted By Cyber HackersThe San Diego Unified School District was the latest victim of a cybersecurity breach, according to a letter sent to parents on Thursday.
Consulte Mais informação »



Render Time: 2025-02-27 12:17:54