"PerfektBlue: Critical Bluetooth Vulnerabilities in German Cars"

Modern vehicles are no longer simple machines—they’re complex computer systems packed with software, ECUs, and wireless interfaces. As described: “Automotive hacking is the exploitation of vulnerabilities within the software, hardware, and communication systems of automobiles.” Wikipedia From smart infotainment and keyless entry systems to over-the-air updates, today's cars can be targeted remotely. Cybercriminals can trigger door locks, track location, or extract personal data—all without physical contact. If your organization supplies, services, or connects with these intelligent vehicles—cybersecurity should be front and center. https://smpl.is/aa7vq #AutomotiveCyberSecurity #CarHacking #ConnectedVehicles

Modern vehicles are no longer simple machines—they’re complex computer systems packed with software, ECUs, and wireless interfaces. As described: “Automotive hacking is the exploitation of vulnerabilities within the software, hardware, and communication systems of automobiles.” Wikipedia From smart infotainment and keyless entry systems to over-the-air updates, today's cars can be targeted remotely. Cybercriminals can trigger door locks, track location, or extract personal data—all without physical contact. If your organization supplies, services, or connects with these intelligent vehicles—cybersecurity should be front and center. https://smpl.is/aa7vp #AutomotiveCyberSecurity #CarHacking #ConnectedVehicles

🚗 Millions of Cars Remotely Hackable via PerfektBlue Bluetooth Flaw A critical vulnerability in the BlueSDK Bluetooth stack—dubbed PerfektBlue—exposes millions of vehicles (including Mercedes‑Benz, VW, Skoda) to remote hacking with a single click. Attackers can access infotainment systems to track GPS, record audio, steal phone data, and potentially take over functions like steering or horn . 🛡️ Here’s how to protect your vehicle: 1. Apply firmware updates released by your manufacturer. 2. Disable Bluetooth when not in use. 3. Segment your car’s network—limit pairing capabilities. 4. Confirm any Bluetooth pairing requests manually. Read more here: https://buff.ly/IRcKv0t #CarSecurity #BluetoothHack #PerfektBlue #VehicleSafety #RSDCybersecurity /

As robots become smarter and more autonomous, the risks grow, too and so does the responsibility to protect them. At the International Robot Safety Conference (𝗜𝗥𝗦𝗖), Wibu-Systems will showcase how CodeMeter enables manufacturers and integrators to protect their robotic systems, safeguard digital assets, and open new revenue streams with secure, flexible licensing. From machine vision to motion control, our award-winning protection and licensing technology helps you build trust, ensure compliance, and stay ahead of evolving regulations such as the EU Cyber Resilience Act. 𝗠𝗲𝗲𝘁 𝗼𝘂𝗿 𝗲𝘅𝗽𝗲𝗿𝘁𝘀 𝗼𝗻𝘀𝗶𝘁𝗲 𝘁𝗼 𝗱𝗶𝘀𝗰𝗼𝘃𝗲𝗿 𝗵𝗼𝘄 𝗖𝗼𝗱𝗲𝗠𝗲𝘁𝗲𝗿 𝗰𝗮𝗻 𝗺𝗮𝗸𝗲 𝘆𝗼𝘂𝗿 𝗿𝗼𝗯𝗼𝘁𝗶𝗰 𝘀𝗼𝗹𝘂𝘁𝗶��𝗻𝘀 𝘀𝗲𝗰𝘂𝗿𝗲, 𝗰𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝘁, 𝗮𝗻𝗱 𝗽𝗿𝗼𝗳𝗶𝘁𝗮𝗯𝗹𝗲: https://loom.ly/G2Pmsx0 #IRSC2025 #RobotSafety #Cybersecurity #Automation #CodeMeter #CyberResilienceAct

100 million lines of code. That’s what powers a modern connected car - more than a plane 🤯 Now imagine what a hacker could do with just one weak point... From remote unlocking, to #EV charging station breaches, #CyberThreats in the automotive world are no longer hypothetical, they’re happening. That's why we’re helping OEMs and Tier-1 suppliers build resilience into every layer of the connected vehicle: 🔐 Securing digital car keys with trusted identities 🔌 Protecting vehicle-to-charger communications 🧠 Embedding security into vehicle systems In the era of Software Defined Vehicles, Christine Caviglioli, VP of Automotive and Mobility Services, dives into why #cybersecurity isn’t optional, it’s foundational. Trust isn’t added later, it’s built in. #CyberSecurityAwarenessMonth #CyberMonth

Is your automotive ECU security ready for modern physical attacks? Disabling debug ports is necessary, but no longer enough against techniques that bypass traditional defenses. A key physical attack technique is Voltage Fault Injection (VFI): by briefly disturbing a chip’s power, attackers can force errors and bypass authentication or memory protections. The impact can be severe—full firmware extraction and theft of cryptographic keys—threatening vehicle safety and complicating compliance with UN‑R155. Protection requires layered defenses: choose tamper‑resistant MCUs, use HSMs and glitch detection, and enforce strong software controls. Our latest analysis explains VFI in detail and includes an experiment showing how MCU readout protection can be bypassed. Learn the attack basics and how to build effective countermeasures into your ECU development. #Cybersecurity #Automotive #ECU

🚨 Your Car's Infotainment System Could Be a Hacker's Backdoor! 🚗💻 A new "ThreatsDay" report reveals a critical vulnerability in the CarPlay and Android Auto systems of many modern vehicles. Here’s the breakdown: 🔓 The exploit uses a malicious charging station or cable to hijack the connection between your phone and the car's infotainment system. 📱 Once connected, attackers can deploy malware, access personal data from your linked phone, and even send unauthorized commands to vehicle components. 🚦 While full, physical control of the car like steering or braking is unlikely, researchers proved they could manipulate settings like the windshield wipers and headlights, creating dangerous distractions. This isn't just a theoretical risk; it demonstrates how our connected cars are becoming new targets. We're plugging our digital lives directly into our vehicles, often without a second thought. Are manufacturers doing enough to secure these increasingly complex in-car systems, or are we trading convenience for a significant security risk? What are your thoughts? 👇 #CarHacking #CyberSecurity #CarPlay #AndroidAuto #IoTSecurity #Vulnerability #InfoSec Link:https://lnkd.in/dVd8buRZ

🚨 Is Your “Smart” Car Easy to Steal?🔒The Hidden Flaw in Keyless Entry Systems As an automotive design engineer, I’m fascinated (and slightly alarmed) by how convenience sometimes undermines security. Your car’s keyless entry fob feels high-tech — but in reality, some of these systems can be tricked by a laptop and a cheap radio transmitter. Let’s break it down 👇 🔧 1. The Old Problem — Fixed Code Systems In early Remote Keyless Entry (RKE) systems, pressing your key fob sent the same code every time. 🕵️♂️ The Flaw: Thieves could record that radio signal once, and replay it later to unlock your car — a simple Playback Attack. 🔄 2. The Upgrade — Rolling Code Systems To fix this, engineers created Rolling Codes: each signal has a new encrypted code generated by a changing counter. That stopped replay attacks — but not all hackers gave up. ⚠️ Two-Thief Attack: One jams your signal, the other captures valid codes. Later, they unlock your car using the saved sequence. ⚠️ Scan Attack: Attackers can “brute-force” valid codes from a limited pool. 🧠 3. The Smarter Fix — Challenge-Response Authentication Now, newer systems use a Challenge-Response model: The car sends a unique random challenge ➡️ the fob computes a cryptographic response ➡️ only then does the car unlock. Even if a hacker records the data, it’s useless — because every challenge is unique. 🔑 Key Takeaway Security isn’t just about a lock — it’s about the conversation between the lock and the key. As cars become smarter, cryptographically secure challenge-response systems are essential to keep them from being too easy to steal. 💬 Question for you: Do you think the real weak point is the key fob design, or human behavior (like leaving keys near doors or relying on cheap aftermarket systems)? #AutomotiveSecurity #CyberSecurity #KeylessEntry #VehicleHacking #RollingCode #ConnectedCars #SmartVehicles #EngineeringInsights #IoTSecurity #FutureOfMobility #AutomotiveTech #DesignEngineer

🚗 Firmware Signing in Vehicles: Why OEMs Are Doing It Differently—and What That Means for Security Modern vehicles are packed with dozens of ECUs controlling everything from engine performance to advanced driver-assistance systems. And yet, securing the firmware that powers these systems is far from standardized. Here’s what I’ve observed across OEMs: 1️⃣ Signing Practices Aren’t Equal Some OEMs use strong cryptography and hierarchical key management, isolating signing keys from production systems. Others rely on weaker algorithms or legacy verification, leaving doors open for firmware tampering. 2️⃣ Verification Gaps at the Vehicle Level ECU diversity: A vehicle isn’t a single system—attackers target the weakest ECU. Incomplete boot chains: Signed firmware is meaningless if the bootloader itself is vulnerable. Key lifecycle issues: Once a signing key is compromised, affected vehicles remain exposed. Legacy and aftermarket systems: Older or third-party components often bypass modern signing enforcement. 3️⃣ Why This Matters A compromised ECU can lead to safety risks, privacy breaches, and supply chain vulnerabilities. Even strong signing practices in one ECU won’t help if another is weak. 4️⃣ Steps OEMs Must Take Standardize firmware signing and verification across all ECUs. Implement secure boot and measured boot from the first instruction onward. Improve key rotation and revocation policies. Ensure OTA updates validate full certificate chains and integrity. Audit legacy and aftermarket components to close the weakest links. 🔑 Bottom line: Vehicle firmware authenticity is only as strong as the weakest ECU in the chain. Closing these gaps isn’t just a cybersecurity issue—it’s a safety imperative. If you’re in automotive security, how confident are you in your firmware signing enforcement today? Where do you see the biggest gaps? #AutomotiveCybersecurity #FirmwareSecurity #OTASecurity #ECUSecurity #VehicleSafety #CyberLeadership

Today's threats aren't only on the front lines. They're in hardware and the networks that connect them. With PATCH, security isn’t a feature — it's the foundation for trust across defense and commercial systems🛡️