Blog

In this first installment, we examine the history of automotive entry technology and explore notable types of security breaches such as replay attacks, rolling attacks, and relay attacks.

Apps play a significant role in enhancing the functionality and driving the evolution of software-defined vehicles (SDVs). However, their integration also introduces new risks, as we explore in this blog entry.

Rust, a memory-safe programming language, is gaining traction as it is designed to address memory-related vulnerabilities. We discuss its potential impact on automotive cybersecurity.

A VicOne researcher demonstrates how automotive security researchers can take advantage of Python and ChatGPT, especially in scripting proofs of concept of known attacks and exploring novel vulnerabilities in automotive systems.

Open RAN is said to usher advances in V2X communications for connected vehicles. Researchers have taken a closer look at this technology to see where vulnerabilities might slip through amid its anticipated advantages.

More automotive manufacturers and suppliers have fallen prey to ransomware groups in January 2024, further highlighting the need for more robust automotive cybersecurity amid a rapidly evolving threat landscape.

With the close of the first-ever Pwn2Own Automotive, the challenge now is to make the most out of the discoveries and insights from the event. We summarize here our own impressions of the event, homing in on emergent security gaps and industry trends.

Researchers discovered a GitHub token leaked by a Mercedes-Benz employee, potentially exposing the automaker’s internal coding infrastructure, intellectual property, and other sensitive data. This breach stemmed from a sequence of avoidable errors, highlighting the importance of robust security measures in safeguarding digital assets.

We examine the impact of vulnerabilities and the security implications of advancing technologies on vehicles in VicOne’s walkthrough of an API attack scenario.

We highlight common vulnerabilities affecting modern connected vehicles, including those involving denial of service, hard-coded credentials, and stack overflow.

We recently explored the current state of automotive cybersecurity in the VicOne Automotive Cyberthreat Landscape Report 2023. In this blog entry, we present the automotive cybersecurity predictions and recommendations that decisions-makers in the automotive industry should be cognizant of in 2024.

In the fast-paced evolution of the automotive industry, technological innovation has become synonymous with progress. However, this era of transformation also demands an unwavering commitment to robust cybersecurity measures.