Is Your Car a BYOD Risk? Researchers Demonstrate How www.darkreading.com/vulnerabi…

Bring your own device (BYOD) threats continue to expand, as researchers have demonstrated that even the car you drive to work can constitute an initial access vector into a corporate network.

At BSides NYC on Oct. 18, Threatlight chief technology officer (CTO) and co-founder Tim Shipp detailed a proof-of-concept (PoC) attack chain that began in a parked car and ended in corporate Linux servers and ESXi hypervisors. Call it a BYOC — a bring-your-own-car attack. And it required only a few cheap gadgets.

The key (pun intended) was the driver’s phone — using the car to reach the phone, then using the phone to reach the company’s network.