Web / Internet Threats


















             Autonomous vehicle sensors tricked by “invisible” drone projections of road signs - A group of
             researchers developed an attack to trick “Level 0” autonomous vehicle sensors by using drones
             which project images too quick for humans to see but slow enough for the vehicle’s sensors. Level 0
             autonomy systems advise human drivers but don’t directly operate the vehicle and Ben Gurion
             University security researchers performed the experiment on a Renault Captur’s system and were
             able to spoof various traffic signs including one that tricked the car’s sensors into believing false
             speed limits, according to the report. Although the experiments posed no immediate threat with the
             Level 0 autonomy system, researchers stressed that the attacks would have greater consequences
             had they been carried out against more advanced systems and could make vehicles swerve, travel at
             unsafe speeds, and detour into unsafe territory.

                    Source:       https://www.scmagazine.com/home/security-news/vulnerabilities/a-group-of-
                    researchers-developed-an-attack-to-trick-autonomous-vehicle-sensors-by-using-drone-
                    projectors/



             Unpatched Flaws in IoT Smart Deadbolt Open Homes to Danger - Researchers are warning that
             unpatched flaws found in the Hickory Smart Bluetooth Enabled Deadbolt allow an attacker with
             access to a victim’s phone to break into their houses. Researchers have uncovered vulnerabilities in
             a popular smart deadbolt could allow attackers to remotely unlock doors and break into homes.
             Making matters worse, the smart door lock manufacturer has not yet acknowledged nor fixed the
             flaws. The six vulnerabilities exist in the Hickory Smart Bluetooth Enabled Deadbolt, manufactured
             by Hickory Hardware, which enables users to remotely lock their homes via a mobile app on their
             Android or iPhone handset. The vulnerabilities are medium severity as some level of access to an
             already compromised mobile device is required for exploitation – however, once an attacker
             accesses a victim’s phone, they can easily exploit the flaws to remotely unlock the deadlock from
             the mobile app..

                    Source:      https://threatpost.com/unpatched-flaws-in-iot-smart-deadbolt-open-homes-to-
                    danger/146871/



             Amazon Alexa, Google Home On Collision Course With Regulation - Voice assistants are growing
             rapidly in popularity — but at the same time, the privacy concerns and security issues with popular
             home assistant devices like Amazon Echo and Google Home are peaking too. Earlier in July, Amazon
             came under fire after acknowledging that it retains the voice recordings and transcripts of
             customers’ interactions with its Alexa voice assistant indefinitely – raising questions about how long
             companies should be able to save highly-personal data collected from voice assistant devices.
                    Source:        https://threatpost.com/amazon-alexa-google-home-regulation/146357/





                                                    www.accumepartners.com                                           13