LockBit Ransomware Group Data Leak: Implications for Automotive Cybersecurity
May 21, 2025A recent breach of the LockBit ransomware group exposed chat logs, offering a rare inside look at how victims were targeted and extorted. Automotive companies featured prominently among those attacked. We unpack the key findings and outline practical steps that automotive companies can take to block LockBit attacks or similar incidents.
CyberThreat Research LabThe Recall Risk From Unseen Vulnerabilities: Strategies for Safer Software-Defined Vehicles
May 21, 2025Traditional vulnerability management platforms overlook zero-day vulnerabilities, putting the automotive industry at risk. Discover how xZETA provides more visibility into vulnerabilities to help the industry stay ahead of emerging threats.
VicOneExposing the Risks: Security Takeaways From a Successful Android OTA Decryption
May 13, 2025By decrypting an Android OTA update to their vehicle’s infotainment system, a researcher gained access to proprietary code. We examine the method that the researcher used and what it means for modern vehicle security.
CyberThreat Research LabAutomotive Threat Intelligence: Is It Your Shield or Your Burden?
May 8, 2025As automotive cyberthreats grow more complex, automotive threat intelligence (TI) becomes more essential. But not all solutions reduce risk effectively. We explore why the right automotive TI approach can mean the difference between insight and information overload.
VicOneWhy Dynamic TARA Matters: Gaining the Edge Before Attackers Do
May 6, 2025Today’s threats move so fast that static threat analysis and risk assessment (TARA) can no longer keep up. We discuss how dynamic TARA gives organizations the edge, with faster response, tighter collaboration, and continuous protection.
VicOneInvisible Commands, Real Consequences: AI Prompt Injection in Vehicle Systems
May 2, 2025As AI assistants become standard features in vehicles, new risks like prompt injection are emerging, quietly manipulating systems through seemingly harmless inputs. We explore how attackers could exploit invisible commands in everyday interactions and why securing AI at the input level is critical to automotive safety.
CyberThreat Research LabApple CarPlay’s ‘AirBorne’ Vulnerabilities and What They Mean for the Automotive Industry
May 2, 2025High-impact vulnerabilities in Apple’s AirPlay protocol, collectively known as “AirBorne,” expose CarPlay-equipped vehicles to remote code execution, privacy breaches, and potential system compromise. We explore how the vulnerabilities work, real-world scenarios where exploits could occur, and what users and automotive stakeholders can do to stay protected.
Peter YangHitag2 Key Fob Vulnerability: How Attackers Can Clone Keys in Under a Minute
April 15, 2025Hitag2, a legacy key fob system, has long been known to carry security flaws. A recent demonstration showed that it could be cracked in under a minute. We break down how the attack works and why outdated encryption poses serious risks to modern vehicles.
CyberThreat Research LabBreaking Down the Pioneer IVI System 3-Bug Exploit Chain From Pwn2Own Automotive 2024
March 31, 2025We analyze the three-bug exploit chain demonstrated by security researchers against the Pioneer DMH-WT7600NEX IVI system at Pwn2Own Automotive 2024. We map it to the Automotive Threat Matrix and highlight industry best practices for mitigating similar exploits.
CyberThreat Research LabFrom Compliance to Continuity: Why Cybersecurity Is a Cornerstone of EV Fleet Asset Utilization
March 25, 2025As EV fleets become more connected, cybersecurity is playing an increasingly critical role in ensuring long-term performance, compliance, and asset utilization. We explore the most pressing cyber risks facing modern fleets and present actionable strategies to help organizations keep their vehicles secure, operational, and productive.
VicOneShifting Gears for 2025: The Next Generation of Automotive Cybersecurity Challenges
March 19, 2025As AI, EVs, and SDVs reshape the automotive industry, cyberthreats are evolving in tandem. Drawing from VicOne’s 2025 automotive cybersecurity report, this article offers key insights into the industry’s threat landscape and outlines the strategies automakers need to stay ahead.
CyberThreat Research LabHow Subaru’s IVI System Admin Panel Vulnerability Could Have Enabled Vehicle Tracking and Control
March 13, 2025Security researchers uncovered a vulnerability in Subaru’s in-vehicle infotainment (IVI) system admin panel, enabling unauthorized access to personal information, GPS records, and vehicle controls. We examine the findings and emphasize the need for automotive manufacturers to adopt a security-first approach throughout the vehicle lifecycle.
CyberThreat Research Lab