Apps play a significant role in enhancing the functionality and driving the evolution of software-defined vehicles (SDVs). However, their integration also introduces new risks, as we explore in this blog entry.
Rust, a memory-safe programming language, is gaining traction as it is designed to address memory-related vulnerabilities. We discuss its potential impact on automotive cybersecurity.
A VicOne researcher demonstrates how automotive security researchers can take advantage of Python and ChatGPT, especially in scripting proofs of concept of known attacks and exploring novel vulnerabilities in automotive systems.
In celebration of World Quantum Day on April 14, we discuss how quantum computing can further improve advanced driver assistance systems (ADASs) and the risks associated with this disruptive technology.
Open RAN is said to usher advances in V2X communications for connected vehicles. Researchers have taken a closer look at this technology to see where vulnerabilities might slip through amid its anticipated advantages.
The NIST IR 8473 cybersecurity framework profile marks a shift in scope from individual chargers to the entire charging infrastructure. This expanded scope suggests that electric vehicle supply equipment manufacturers and charge point operators need to consider cybersecurity from an industry-level risk-based approach rather than focusing solely on individual IoT devices.
By utilizing the BlackBerry IVY connected vehicle data platform, VicOne enables AI-empowered threat detections at the edge, cloud-controlled access to vehicle data, and response to potential cyberattacks on software-defined vehicles (SDVs).
By harnessing the power of AI and large language models (LLMs), VicOne effectively addresses common challenges encountered during cybersecurity risk assessment in the automotive industry — ensuring proactive and adaptive measures are in place to safeguard software-defined vehicles (SDVs) and critical systems against evolving threats.
Adopting zero trust principles in the automotive industry not only fortifies connected vehicles against evolving cyberthreats but also enhances the resilience and security of the entire automotive supply chain.
The automotive industry has entered an era when cyberattacks and social engineering tactics can have direct consequences on connected vehicles. Researchers have demonstrated another such scenario, involving a man-in-the-middle (MITM) credential phishing attack on a Tesla car. We share our security insights and solution recommendations.
A remote code execution vulnerability discovered in an automotive product security platform and similar recently disclosed flaws in IT software products underscore the importance of continuous quality control across the overall software life cycle.
More automotive manufacturers and suppliers have fallen prey to ransomware groups in January 2024, further highlighting the need for more robust automotive cybersecurity amid a rapidly evolving threat landscape.
With the close of the first-ever Pwn2Own Automotive, the challenge now is to make the most out of the discoveries and insights from the event. We summarize here our own impressions of the event, homing in on emergent security gaps and industry trends.