InfoSec News Nuggets 08/15/2023

Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles  American car maker Ford says that a vulnerability in the Wi-Fi driver of the SYNC 3 infotainment system on certain Ford and Lincoln vehicles does not pose a safety risk. Tracked as CVE-2023-29468, the bug impacts the Texas Instruments-supplied Wi-Fi driver used in the infotainment system of at least a dozen vehicles. The issue is described as a buffer overflow that could lead to remote…
Read More

InfoSec News Nuggets 08/18/2021

Ford bug exposed customer and employee records from internal systems A bug on Ford Motor Company's website allowed for accessing sensitive systems and obtaining proprietary data, such as customer databases, employee records, internal tickets, etc. The data exposure stemmed from a misconfigured instance of Pega Infinity customer engagement system running on Ford's servers. This week, researchers have disclosed a vulnerability found on Ford's website that let them peek into confidential company records, databases and perform account takeovers. The vulnerability was discovered by Robert Willis and break3r,…
Read More

InfoSec News Nuggets 05/04/2021

1 - Ford's Ever-Smarter Robots Are Speeding Up the Assembly Line IN 1913, HENRY Ford revolutionized car-making with the first moving assembly line, an innovation that made piecing together new vehicles faster and more efficient. Some hundred years later, Ford is now using artificial intelligence to eke more speed out of today’s manufacturing lines. At a Ford Transmission Plant in Livonia, Michigan, the station where robots help assemble torque converters now includes a system that uses AI to learn from previous attempts how to…
Read More

InfoSec News Nuggets 2/7/2020

1 - No expectation of privacy in an IP address, Alberta judge rules Police in Alberta don’t need a court order to get an external IP address from a service provider in trying to identify an internet user, according to a recent Calgary judicial ruling. The decision is a first in Canadian privacy law. The precedent applies for now only in Alberta but it will be cited in other courts across the country and could be…
Read More