Peugeot and IBM to develop services using connected car data

Peugeot and IBM to develop services using connected car data

Peugeot and IBM will use connected car data to develop services and products that other car brands, smart cities and retailers can use. Peugeot Citroën is planning on analysing its driver’s data to help other industries like retailers, smart cities and car dealerships create better services. The carmaker, which claims to have the largest number of connected cars on the road, will work with IBM to create new business opportunities in the automotive distribution, smarter city and retail space. Data could be used to inform road-building decisions within cities, and develop smart communication services to help ease traffic and congestion, for example. Competitor BMW has previously said it would not sell any of its customer’s car data to third companies. Brigitte Courtehoux, PSA Peugeot Citroën’s connected products lead said: “We realised early on that connected vehicles, as part of the Internet of Things, were a key factor in the improvement of the customer experience towards our Brands. “In partnership with IBM, we are unleashing connected services to the masses, so consumers can experience a new level of comfort and convenience from their cars, while industries seize new opportunities to deliver personalised services.” The firms first struck a deal last year, when the carmaker turned to IBM for its Big Data and Analytics tool and MobileFirst Solutions to help provide connected services to drivers, Now, an expanded seven-year agreement will focus on commercialising these services to other customers, and building technology that other clients will benefit from, all marketed from an Innovation Centre in Paris. IBM’s global automotive lead, Dirk Wollschläger said: “Under this partnership with PSA Peugeot Citroën, we are...
Fully patched versions of Firefox, Chrome, IE 11 and Safari exploited at Pwn2Own hacking competition

Fully patched versions of Firefox, Chrome, IE 11 and Safari exploited at Pwn2Own hacking competition

As in years past, the latest patched versions of the most popular web browsers around stood little chance against those competing in the annual Pwn2Own hacking competition. The usual suspects – Apple Safari, Google Chrome, Mozilla Firefox and Microsoft Internet Explorer – all went down during the two-day competition, earning researchers a collective total of $557,500 in prize money. The event, which took place at the CanSecWest conference in Vancouver, was sponsored by the Hewlett-Packard Zero Day Initiative. During the first day, HP awarded $317,500 to researchers that exploited flaws in Adobe Flash, Adobe Reader, Internet Explorer and Firefox. eWeek notes that the first reward, paid to a hacker by the name of ilxu1a, was for an out-of-bounds memory vulnerability in Firefox. It took less than a second to execute which earned him a cool $15,000. Firefox was exploited twice during the event. Daniel Veditz, principal security engineer at Mozilla, said the foundation was on hand during the event to get the bug details from HP. Engineers are already working on a fix back at home, he added, that could be ready as early as today. Another security researcher, JungHoon Lee, managed to demonstrate exploits against Chrome, IE 11 and Safari. As you can imagine, he walked away with quite a bit of money: $75,000 for the Chrome bug, $65,000 for IE and $50,000 for the Safari vulnerability. He also received two bonuses totaling $35,000....
World’s Most Advanced Hackers are in Russia and Eastern Europe

World’s Most Advanced Hackers are in Russia and Eastern Europe

As MD for international markets, LogRhythm’s Ross Brewer is well versed in the latest geographical trends and targets. “Germany is a big target at the moment”, he told Infosecurity. “It is a manufacturing country with amazing IP. It’s a country conscious of monitoring its population too much with a focus on employee privacy, and this is not lost on the hacking community.” German IP is therefore a target and tends to end up in Asia, according to Brewer. As an emerging market, the Middle East positioning itself as ‘the destination’ is also a target, Brewer said. “The biggest threat to Europe comes from Eastern countries where the most experienced, most capable hackers are. The most advanced hackers on the planet reside in Russia and Eastern Europe.” Threats from Asia tend to be less stealthy, however, Brewer declared. “So whilst the most obvious threat comes from Asia, the most real threat comes from East Europe.” LogRhythm’s Brewer also flagged the French market as vulnerable, notably “because they buy all their technology from within France, but forget they’re plugged into a global internet which leaves them exposed.” Brewer also addressed Africa. “As technologies become more pervasive and wireless more common in Africa, there will be increased threat activity. At the moment, the African infrastructure is not on the same level as the rest of the world, with power and technology intermittent, but as that increases, so too will the threat”. “Critical infrastructure is the target now, in every country”, Brewer told Infosecurity. The Pervasive Insider Threat Problem A recent survey of 1000 IT professionals, conducted by OnePoll on behalf of LogRhythm,...
PIRATESNOOP BROWSER UNBLOCKS TORRENT SITES

PIRATESNOOP BROWSER UNBLOCKS TORRENT SITES

As the battle to block user access to the world’s largest torrent sites continues, another website has stepped up to battle censorship. RARBG, one of the most-used torrent sites on the Internet, has just launched PirateSnoop, a free web browser designed to easily skirt web blockades. Blocking of file-sharing related sites is becoming widespread in Europe, particularly so in the UK. In fact, it’s now almost impossible to access a top torrent site from any of the country’s leading ISPs, with the notable exception of OldPirateBay since the site is so new. Users in the United States can’t rest easy either. As reported here in December, the MPAA is working hard to introduce site-blocking by utilizing creative interpretations of existing law. It seems unlikely that Hollywood will stop until it gets its way. It’s becoming clear that Internet users everywhere will need to prepare if they want unfettered access to the Internet. While that can be achieved using premium servicessuch as VPNs, there will always be those looking for a free solution. Today we have news of one such product. In appearance PirateSnoop looks a lot like the popular Chrome browser. In fact the only immediate giveaway that things are a little different is the existence of a small pirate-themed button on the right hand side of its toolbar. Underneath, however, PirateSnoop is based on the freeware web browser SRWare Iron which aims to eliminate some of the privacy-compromising features present in Google Chrome. PirateSnoop is then augmented with special extensions to enable its site unblocking features. PirateSnoop (PS) was created by the team at public torrent site RARBG....
Over 30 vulnerabilities found in Google App Engine

Over 30 vulnerabilities found in Google App Engine

Over 30 vulnerabilities found in Google App Engine Researchers escaped the Java sandbox on the cloud platform and executed code on the underlying system By Lucian Constantin | Published: 09:51, 10 December 2014 Serious vulnerabilities exist in Google App Engine (GAE), a cloud service for developing and hosting Web applications, a team of security researchers has found. The vulnerabilities could allow an attacker to escape from the Java Virtual Machine security sandbox and execute code on the underlying system, according to researchers from Security Explorations, a Polish security firm that found many vulnerabilities in Java over the past few years. “There are more issues pending verification — we estimate them to be in the range of 30+ in total,” wrote Adam Gowdiak, the CEO and founder of Security Explorations, in a post on the Full Disclosure security mailing list that describes his company’s GAE findings. The Security Explorations researchers couldn’t fully investigate all of the issues because their test account on GAE was suspended, likely due to their aggressive probing, he said. Related Articles on Techworld Google App Engine gets Go language, high memory support | Google App Engine cloud platform upgraded | Google App Engine SDK gets multitenancy | Google News to be shut down in Spain ahead of new law Security Explorations sent details about the vulnerabilities and the associated proof-of-concept code to Google on Sunday after being contacted by the company, Gowdiak wrote via email on Tuesday, adding that Google is now analyzing the material. After breaking out of the Java sandbox, which separates Java applications from the underlying system, the Security Explorations team started to...