Security Breaks – Weekly News Edition

About this listen

In this episode, Kate dives into the latest automotive cybersecurity headlines — from wireless tire pressure monitoring vulnerabilities to supplier ransomware and SBOM validation breakthroughs. She unpacks critical issues affecting OEMs, Tier 1 suppliers, and dealerships, while highlighting the real-world implications of Bluetooth Low Energy attacks, supply chain risks, and continuous software validation.

Whether you’re an engineer, cybersecurity practitioner, or dealership IT lead, this episode delivers a fast-paced, expert breakdown of what’s shaping the automotive security landscape right now.

Key Takeaways
  • TPMS (Tire Pressure Monitoring Systems) still transmit unencrypted signals, leaving room for spoofing and tracking vulnerabilities.
  • Supplier cyber incidents, such as those impacting Jaguar Land Rover, show how attacks ripple through the entire automotive supply chain.
  • Bluetooth Low Energy (BLE) weaknesses continue to expose vehicles to unauthorized access — secure pairing and token rotation are essential.
  • Ransomware groups like Akira are increasingly targeting distributors and service providers within the automotive ecosystem.
  • Continuous SBOM validation and integration with threat intelligence are key to proactive risk management under ISO/SAE 21434 and UNECE R155.
  • Machine learning intrusion detection systems (IDS) show promise but require realistic datasets and careful tuning to avoid false positives.

Quotes
  • “Safety signaling that can be faked is a problem. When drivers start to ignore warnings, we’ve already lost the battle.”
  • “If your dealer network still relies on flat networks because printers — this is your sign to fix that.”
  • “Your SBOM program isn’t about paperwork. It’s about knowing what’s in your software so you can fix what matters.”

Timestamps

(01:29) Wireless threats to tire pressure monitoring systems (TPMS)

(06:00) Supplier cyberattacks disrupting Jaguar Land Rover’s production

(08:30) Pen Test Partners’ guide to hacking Bluetooth Low Energy

(11:00) Ransomware attack on Harbor Diesel & Equipment

(13:42) Advances in SBOM validation and continuous vulnerability management

(17:25) Machine learning intrusion detection for the Internet of Vehicles

(20:32) Practical takeaways for OEMs, suppliers, and dealerships

(23:50) Community questions and call for industry collaboration

Referenced Links
  • Automotive Cybersecurity Standards: ISO/SAE 21434
  • UNECE Regulation No. 155 – Cybersecurity and Cybersecurity Management Systems
  • UNECE Regulation No. 156 – Software Updates
  • Pen Test Partners – Practical Guide to Hacking BLE
  • Ransomware.live – Akira Group Listing
  • Kaspersky: A Decade of Vehicle Hacks Report

Please Leave Us a Rating and Review

If you enjoyed this
