BMW Vulnerabilities – Hijack Cars ConnectedDrive™ Service!

Hi Folks,
Let me tell you the story about some typical vulnerabilities that was discovered by @Seekurity Team in BMW ConnectedDrive service which will allow any beginner attacker to hijack the whole service!

.

First what is BMW ConnectedDrive service?
BMW ConnectedDrive – a technology packet full of services and apps that connects you closely to the world around you. It makes tasks easier and quicker to perform, giving you more time for what’s really important: your family, friends and free time.

Continue reading “BMW Vulnerabilities – Hijack Cars ConnectedDrive™ Service!”

Share

FirefoxOS Find My Device Service Clickjacking Bug results in Changing PINs, Wiping and Locking Phones!

firefox-bug

Introduction:

Physical devices connected with web applications made everything easy to be managed. Screen size, availability, usage etc… is what pushing everyone to manage their devices through their desktops/laptops! On the other hand such advantages poses a threat if these web applications contains security issues!

For example android devices can be managed through “Google Device Manager”,  iOS devices can be managed by “iCloud service”, Windows Phone devices can be managed via your Microsoft account, FirefoxOS devices can be managed also through your Mozilla account and finally Internet of Things devices or (IoT) are connected to their own vendors dedicated web apps!!

Continue reading “FirefoxOS Find My Device Service Clickjacking Bug results in Changing PINs, Wiping and Locking Phones!”

Share