Threatpost editor Mike Mimoso talks to Chris Valasek, Security Lead, Uber ATC, about the talk he and Charlie Miller gave at RSA, hacking cars, the challenges around getting manufacturers to patch vulnerabilities in vehicles, IoT, and more. [embedded content]

As automakers rush to market connected cars to feed drivers hungry for collision avoidance systems and self-parking features, security experts are urging the industry to pump its brakes and prioritize the their cars’ cyber defenses. In a report released Tuesday by IDC and the security firm Veracode, researchers say when it comes to car hacking...

Last month, when researcher Troy Hunt argued the dangers of insecure APIs at a security workshop, little did he know hours later he would discover an API vulnerability that allowed remote access to onboard computers of 200,000 Nissan Leaf and eNV200 electric automobiles. “After talking about the way applications can sometimes get APIs wrong, a...

Automaker Nissan deactivated a remote access feature that let owners of its Leaf electric car remotely adjust climate controls and check battery status via a smartphone app. The move comes after a security researcher posted his finding regarding a simple hack that allowed anyone with the right Leaf automobile VIN number to access the climate...

General Motors’ new vulnerability disclosure program puts it alongside Tesla as the only major automakers with a mechanism for security researchers to report flaws. Unlike Tesla’s program, however, GM’s does not offer a monetary reward. GM launched its program last week via the HackerOne platform, and while there’s no mention of a payout, the company...

Well, if you thought you had it rough in 2014 because of big, bad Poodles and an irritating case of Heartbleed, things only got worse this year. Rather than intrusions permeating our IT systems and stealing our data, attacks got a bit more personal in 2015. Not only were privacy and civil liberties put at...