Smashing Security podcast #159: Rap, robbery, and IoT holiday hell

A rapping bank worker is accused of stealing from the vault, the devices that can hide your car’s true mileage, and why it may be a case of “No No No” rather than “Ho Ho Ho” when it comes to IoT toys this Christmas.

And as Carole sups the mulled wine, Graham has problems with his internet connection…

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast.

Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets

For a long time it has been regarded as one of the security industry’s urban myths, but now law enforcement agencies have confirmed that they are investigating whether thieves have been identifying which cars might be carrying high tech gadgets through the use of Bluetooth scanners.

Read more in my article on the Bitdefender BOX blog.

Smashing Security podcast #144: Google helps the FBI, Twitter Jack’s hijack, and car data woes

Should Google really be helping the FBI with a bank robbery? What’s the story behind the Twitter CEO claiming there’s a bomb in their offices? And how much does your car really know about you?

And we mourn the loss of Doctor Who legend Terrance Dicks…

“NULL” vanity plate hack to dodge parking tickets backfires to the tune of $12,000

A US security researcher called Droogie thought he’d come up with the perfect wheeze to avoid being fined by the Department of Motor Vehicles (DMV) – he bought a personalised license plate which we believed would mess with the DMV’s database.

The name on Droogie’s vanity plate? “NULL”

Hacker could locate thousands of cars and kill their engines remotely via poorly-secured GPS tracking apps

App accounts were “protected” by a default password. That password? 123456.

Read more in my article on the Hot for Security blog.

Smashing Security podcast #102: Ethical dilemmas, Girl Scouts, and porn-loving US officials

Who deserves to die in a driverless car crash? Who has been sniffing around the Girl Scouts’ email account? And just how long would it take for a geologist to visit 9,000 adult web pages?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by journalist and “Friends” fan Dan Raywood.

Watch how a Tesla Model S was stolen with just a tablet

Criminals were able to dupe the Tesla’s passive entry system into giving them access, and letting them drive away.

(But only after they struggled to unplug it.)

Smashing Security podcast #092: Hacky sack hack hack

Is your used car still connected to its old owner? Just how did Apple manage to identify the teenager hacker who stole 90GB of the firm’s files? And why on earth would a firm of lawyers start producing pornographic videos? You’ll be surprised by the answers!

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast hosted by computer security veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin.

Now Amazon wants the keys to your car

Yes, Amazon is now offering free in-car delivery to customers in some cities.

If you’re comfortable with a stranger remotely unlocking your car, of course.

HIDS4U customers warned of free gift email attack after customer database leaks

A firm which sells Xenon HID headlight conversion kits, reversing cameras, parking sensors and other high-tech gear for motorists, has warned customers to be wary after a security breach.

Vendor-neutral smart car bug has ‘dangerous’ and ‘even fatal’ consequences

“You could disable the air bags, the anti-lock brakes, or the door locks, and steal the car,” says researcher.

David Bisson reports.

Friendly neighborhood hacker helps family regain access to locked car

A benevolent hacker has helped a family regain access to their car after they misplaced its corresponding one-of-a-kind key.

David Bisson reports.

Flawed Hyundai app could have helped hackers break into cars

Hyundai tells customers to update their Blue Link smartphone app to protect against hackers targeting their cars.

David Bisson reports.

Smashing Security podcast #009: False flags and hacker clues

The Lazarus malware attempts to trick you into believing it was written by Russians, second-hand connected cars may be easier to steal, and is your child a malicious hacker?

All this and more is discussed in the latest podcast by computer security veterans Graham Cluley, Vanja Svajcer and Carole Theriault.

Oh, and Carole gets Graham and Vanja to apologise for mistakes of their past…

It’s too easy to steal a second-hand connected car

Until more effort is made by vendors to integrate the internet in a safe way into the myriad of devices that surround us, we are going to hear more and more stories of security breaking down like this.

Read more in my article on the We Live Security blog.

Watch Teslas being hacked as they drive, from up to 20 km away

Chinese hackers literally open a backdoor on a Tesla car…