Brier & Thorn Germany, GmbH

04/09/2018

"Even discourse, even a poetic or oracular sentence, carries with it a system of rules for producing analogous things and thus an outline of

21/08/2018

Read my new article on why the biggest mistake you can make is replacing your current vendor because of their mistakes. http://bit.ly/2wfU9g9

John Wooden once said, if you're not making mistakes, then you're not doing anything. I'm positive that a doer makes mistakes." Over the past eight

31/07/2018

I've return with a new on the rise of women in cybersecurity and what soft skills make us particularly effective cybersecurity engineers and hackers. http://bit.ly/2KaQh56 "If you can't handle her fire, let someone else enjoy the flames." -Anonymous

"If you can't handle her fire, let someone else enjoy the flames." -Anonymous In 1903, the first known circumvention of security controls was when

24/07/2018

This week's new article on the Hitchhiker's Guide to Hacking Connected Cars series exploits a using a rogue BTS. We also walk through connecting the rogue BTS to a legitimate cellular network to enable OTA between the automaker and TCU. http://bit.ly/2JTbYX5

In our previous article, we set up and configured our rogue BTS with the preparation of our jump kit. Now, we’ll discuss exploitation. This will

24/07/2018

This week's new article on the Hitchhiker's Guide to Hacking Connected Cars series exploits a using a rogue BTS. We also walk through connecting the rogue BTS to a legitimate cellular network to enable OTA between the automaker and TCU. http://bit.ly/2JTbYX5

17/07/2018

Presenting a new chapter in the Hitchhiker's Guide to Hacking Connected Cars series: The Devil in the Details of TCU Init Scripts. Vulns created by typos and seq errors in the init scripts of different OEM TCUs

A dissection of attacks resulting from faulty logic in the writing of init scripts in Telematics Control Units "Son, the greatest trick the Devil

13/07/2018

LeetSpeak Episode 4: Alissa Knight Reviews Security Information and Event Management (SIEM) solutions and does an AlienVault USM and USM Anywhere, Product Review

Alissa Knight does a thorough review of AlienVault USM/USM Anywhere following their recent acquisition announcement by AT&T. Alissa decomposes the AlienVault ecosystem, helping you better understand what USM/USM Anywhere is; the agent-server-logger architecture, and its recent move to support federa...

10/07/2018

This week's article in my Hitchhiker's Guide to Hacking Connected Car Series: Hacking Connected Cars through an Evil Twin Attack.

Introduction In today's connected car, WiFi is becoming more common of a communication medium for components within the in-vehicle network to

03/07/2018

Alissa Knight is back in a new article in her Hitchhiker's Guide to Hacking Connected Cars series, this time on performing threat modeling of TCUs and HUs using the HEAVENS threat modeling framework in the connected car landscape http://bit.ly/2tRE2F7

Threat Modeling The purpose of performing an IT risk assessment of a TCU or HU is to identify, quantify, and prioritize identified risks in an effort

28/06/2018

Alissa Knight kicks off the Build IoT security conference in Cologne, Germany. Watch her full keynote presentation on risk assessment frameworks and threat models for connected cars: http://bit.ly/2KukMEa

Alissa Knight's keynote presentation to kick off the conference on performing risk assessments against connected cars and autonomous vehicles. In her present...

26/06/2018

Alissa Knight's new weekly article in the Hitcher's Guide to Hacking Connected Cars series decomposes 5G and its implications on connected cars and cybersecurity.

"The most exciting breakthroughs of the 21st century will not occur because of technology, but because of an expanding concept of what it means be

15/06/2018

Read Alissa Knight's second article in her series on hacking connected cars: ECUs Demystified. Learn from the "Oracle of Connected Car Security" herself in her new series The Hitchhiker's Guide to Hacking Connected Cars, based on her upcoming book.

“Tell me and I forget, teach me and I may remember, involve me and I learn.” ― Benjamin Franklin History of Electronic Control Units In 1769, the