Blog

Open RAN is said to usher advances in V2X communications for connected vehicles. Researchers have taken a closer look at this technology to see where vulnerabilities might slip through amid its anticipated advantages.

The NIST IR 8473 cybersecurity framework profile marks a shift in scope from individual chargers to the entire charging infrastructure. This expanded scope suggests that electric vehicle supply equipment manufacturers and charge point operators need to consider cybersecurity from an industry-level risk-based approach rather than focusing solely on individual IoT devices.

By utilizing the BlackBerry IVY connected vehicle data platform, VicOne enables AI-empowered threat detections at the edge, cloud-controlled access to vehicle data, and response to potential cyberattacks on software-defined vehicles (SDVs).

By harnessing the power of AI and large language models (LLMs), VicOne effectively addresses common challenges encountered during cybersecurity risk assessment in the automotive industry — ensuring proactive and adaptive measures are in place to safeguard software-defined vehicles (SDVs) and critical systems against evolving threats.

Adopting zero trust principles in the automotive industry not only fortifies connected vehicles against evolving cyberthreats but also enhances the resilience and security of the entire automotive supply chain.

The automotive industry has entered an era when cyberattacks and social engineering tactics can have direct consequences on connected vehicles. Researchers have demonstrated another such scenario, involving a man-in-the-middle (MITM) credential phishing attack on a Tesla car. We share our security insights and solution recommendations.

A remote code execution vulnerability discovered in an automotive product security platform and similar recently disclosed flaws in IT software products underscore the importance of continuous quality control across the overall software life cycle.

More automotive manufacturers and suppliers have fallen prey to ransomware groups in January 2024, further highlighting the need for more robust automotive cybersecurity amid a rapidly evolving threat landscape.

With the close of the first-ever Pwn2Own Automotive, the challenge now is to make the most out of the discoveries and insights from the event. We summarize here our own impressions of the event, homing in on emergent security gaps and industry trends.

VicOne products are the only automotive cybersecurity products in the market that can detect 44 unique zero-day vulnerabilities that were discovered during the three-day Pwn2Own Automotive event held in January 2024.

Researchers discovered a GitHub token leaked by a Mercedes-Benz employee, potentially exposing the automaker’s internal coding infrastructure, intellectual property, and other sensitive data. This breach stemmed from a sequence of avoidable errors, highlighting the importance of robust security measures in safeguarding digital assets.

We discuss the crucial element that should be included in automotive threat intelligence so that organizations can better draw valuable insights to respond promptly and effectively to the constantly evolving landscape of cyberthreats.