Podcast Episode Details

Vehicle Infotainment Privacy, Instagram’s Accidental Password Exposure, Firefox Monitor – WB44

---

---

This is your Shared Security Weekly Blaze for November 26th 2018 with your host, Tom Eston. In this week’s episode: Vehicle infotainment privacy, Instagram’s accidental password exposure, and the Firefox monitor data breach notification service.

Silent Pocket is a proud sponsor of the Shared Security Podcast! Silent Pocket offers a patented Faraday cage product line of phone cases, wallets and bags that can block all wireless signals, which will make your devices instantly untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order. Visit silent-pocket.com to take advantage of this exclusive offer.

Hi everyone, welcome to the Shared Security Weekly Blaze where we update you on the top 3 cybersecurity and privacy topics from the week. These podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.

A new Bluetooth vulnerability and exploit that affects millions of vehicles worldwide, called CarsBlues, was announced by Privacy4Cars founder Andrea Amico. The exploit, which has been disclosed to auto manufactures through the Automotive Information Sharing and Analysis Center (or Auto-ISAC as its also known) can be performed in a few minutes using inexpensive and readily available hardware and software and apparently does not require significant technical knowledge as well.  Information that could be accessed through the vulnerability include stored contacts, call and text logs and text messages. While exact details on the vulnerability have not been released, Privacy4Cars has said that people most vulnerable would be those that may have synched their phones to cars that are no longer under their control like rental cars or leased vehicles. Privacy4Cars, which offers a free mobile app, that shows you how to delete your private data that you may have synced to a car, notes that “industry and consumers alike need to be proactive when it comes to deleting personally identifiable information from vehicle infotainment systems”.

This recent news is a great reminder that we all need to be cautious syncing our phones and devices to our car. Especially when we’re syncing our phones to rental cars or we’re in situations where we may be dropping our cars off for repair. I know I’ve noticed that when simply plugging in my phone to the built in USB charger in a rental car, the infotainment system will often times automatically sync your contacts and text messages. If you’re not familiar with how to delete your synced information or if you need to find out how to reset the cars infotainment system, check out the Privacy4Cars app which we have linked in the show notes for this episode.

Edgewise Networks is the first zero trust platform that stops data breaches by allowing only verified software to communicate in your cloud and data center.

Micro segmentation projects can be costly and difficult, but Edgewise offers a new approach: zero trust segmentation. Without any changes to your network environment, Edgewise puts your data at the heart of your security strategy, giving you:

• Visibility into workload communication pathways;
• Security policies built on the cryptographic fingerprint of the software;
• The ability to apply policies and segment your networks in one click; and
• A way to continuously monitor and assess risk.

Edgewise recommends policies based on the identity of your software, and stops attackers’ lateral movements by requiring authentication and authorization with every workload communication. Visit edgewise.net to learn how Edgewise can eliminate network attack surface, stop lateral movement,

---

Published on 7 years, 1 month ago