Pierluigi Paganini January 03, 2024
Don’t trust links with known domains: BMW affected by redirect vulnerability

Sometimes, you can’t even trust links with your own domain. As the Cybernews research team has discovered, some BMW subdomains were vulnerable to redirect vulnerability, enabling attackers to forge links leading to malicious sites through them. Cybernews researchers have discovered two BMW subdomains that were vulnerable to SAP redirect vulnerability. They were used to access […]

Pierluigi Paganini March 10, 2023
BMW exposes data of clients in Italy, experts warn

Cybernews researchers discovered that BMW exposed sensitive files that were generated by a framework that BMW Italy relies on. Original post at: Hackers have been enjoying their fair share of the spotlight by breaching car manufacturers’ defenses. The latest Cybernews discovery showcases that popular car brands sometimes leave their doors open, as if inviting […]

Pierluigi Paganini May 23, 2018
Chinese researchers from Tencent discovered exploitable flaws in several BMW models

A team of security researchers from Chinese firm Tencent has discovered 14 security vulnerabilities in several BMW models. Researchers from the Tencent Keen Security Lab have discovered 14 vulnerabilities affecting several BMW models, including BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series. The team of experts conducted a […]

Pierluigi Paganini August 01, 2017
Security flaws affect TCUs used in BMW, Ford, Infiniti, and Nissan vehicles

Three security researchers have discovered security vulnerabilities in the telematics control units (TCUs) used in BMW, Ford, Infiniti, and Nissan vehicles. Three security researchers have discovered security vulnerabilities in the telematics control unit (TCU) manufactured by Continental AG that is installed on various car models manufactured by BMW, Ford, Infiniti, and Nissan. The researchers are Mickey Shkatov, […]

Pierluigi Paganini February 02, 2015
BMW fixes security flaw in 2.2 million car software

A security vulnerability in the BMW Connected Drive system allowed security experts to send remote unlocking instructions to the cars. Modern cars are complex systems composed of several components interconnected by internal networks, each system within these architectures is exposed to the risk of cyber attacks. Recently the German carmaker BMW has fixed a security […]