Tag Archive for: Stations

Israeli protesters block highways, train stations as Netanyahu moves ahead with judicial overhaul

/in


JERUSALEM — Tens of thousands of protesters on Tuesday blocked highways and train stations and massed in central Tel Aviv during a day of countrywide demonstrations against Prime Minister Benjamin Netanyahu’s contentious judicial overhaul plan.

The protests, now in their seventh month, have taken on a sense of urgency in recent days as Netanyahu and his allies in parliament march ahead with the program. The first bill in the package – a measure that seeks to limit the Supreme Court’s oversight powers – could become law as soon as next week.

The unrest also cast a shadow over a visit to the White House by Israel’s figurehead president, Isaac Herzog, who was invited to Washington to celebrate Israel’s 75th anniversary.

Herzog, a political centrist, has been involved in behind-the-scenes efforts to broker a compromise on the judicial overhaul, which has strained relations between Netanyahu and President Joe Biden.

In a meeting with Biden in the Oval Office, Herzog acknowledged that Israel was “going through a heated debate as a society.” But he said that debate shows that Israeli society is “strong and resilient.” He added that the country should seek an “amicable consensus.”

Biden, who has criticized the overhaul plan, said that the U.S. commitment to Israel was strong and the bond between the two countries was “unbreakable.”

Netanyahu and his allies say the overhaul is needed to rein in the powers of an unelected judiciary – particularly the Supreme Court – that they believe is overly interventionist in government decisions.

Their opponents, representing a wide cross section of Israeli society, say the plan is a power grab by Netanyahu and his ultranationalist and ultra-Orthodox allies that will destroy the country’s fragile system of checks and balances. They also say the prime minister, who is on trial for corruption charges, and his allies are motivated by various grievances against the justice system.

Late Tuesday, protesters thronged outside the U.S. diplomatic offices, packed the central square of Tel Aviv and crippled the city’s main highway. Police on horseback galloped among the crowds, trying to clear them away.

Earlier, protesters gathered…

Source…

UTSA researcher part of team protecting EV charging stations from cyberattacks | UTSA Today | UTSA

/in


Bou-Harb and his fellow researchers wanted to explore the real-life implications of cyberattacks against EV charging systems and how to utilize cybersecurity countermeasures to mitigate them. His team also assessed how exploited systems can attack critical infrastructure such as the power grid.

“Electrical vehicles are the norm nowadays. However, their management stations are susceptible to security exploitations,” said Bou-Harb, who is an associate professor in the Carlos Alvarez College of Business’ Department of Information Systems and Cyber Security. “In this work, we endeavored to uncover their related security weaknesses and understand their consequences on electrical vehicles and the smart grid while providing recommendations and sharing our findings with relevant industry for proactive security remediation.”

The team identified 16 electrical vehicle charging managing systems, which they divided into separate categories such as firmware, mobile, and web apps. They performed an in-depth security analysis on each one.

“We devised a system lookup and collection approach to identify a large number of electrical vehicle charging systems, then leveraged reverse engineering and white-/black-box web application penetration testing techniques to perform a thorough vulnerability analysis,” Bou-Harb said.

The team discovered a range of vulnerabilities amongst the 16 systems and highlighted the 13 most severe vulnerabilities such as missing authentication and cross-site scripting. By exploiting these vulnerabilities, attackers can cause several issues, including manipulating the firmware or disguising themselves as actual users and accessing user data.

According to a recent white paper study by the researchers, “while it is possible to conduct different attacks on various entities within the electrical vehicle ecosystem, in this work, we focus on investigating large-scale attacks that have severe impact on the compromised charging station, its user and the connected power grid.”

During this project, the team developed several security measures, guidelines and best practices for developers to mitigate cyberattacks. They…

Source…

New Flaws Expose EVlink Electric Vehicle Charging Stations to Remote Hacking

/in


Schneider Electric has patched several new vulnerabilities that expose its EVlink electric vehicle charging stations to remote hacker attacks.

Schneider announced the availability of patches on December 14, when it urged customers to immediately apply patches or mitigations. The flaws have been found to impact EVlink City (EVC1S22P4 and EVC1S7P4), Parking (EVW2, EVF2 and EVP2PE) and Smart Wallbox (EVB1A) devices, as well as some products that have reached end of life.

The vendor has credited researcher Tony Nasr for finding a total of seven vulnerabilities in these charging stations, including one critical and five high-severity issues.

The security holes include cross-site request forgery (CSRF) and cross-site scripting (XSS) bugs that can be exploited to carry out actions on behalf of a legitimate user, and a weakness that can be leveraged to gain access to a charging station’s web interface via brute-force attacks. The most serious issue — based on its CVSS score of 9.3 — is a server-side request forgery (SSRF) vulnerability.

EVlink electric vehicle charging station vulnerabilitiesSchneider warned that failure to take action could lead to “tampering and compromise of the charging station’s settings and accounts.”

“Such tampering could lead to things like denial of service attacks, which could result in unauthorized use of the charging station, service interruptions, failure to send charging data records to the supervision system and the modification and disclosure of the charging station’s configuration,” the industrial giant wrote in its advisory.

The company noted that exploitation of the vulnerabilities requires physical access to the system’s internal communication port, but admitted that attacks can also be launched from the local network and even the internet if the charging station is accessible from the web.

“The exploitation of Internet-connected charging stations does not require having access to the LAN, therefore making the attack vector very powerful and effective,” Nasr told SecurityWeek. “In this case, the adversary would perform Internet-wide scans to search for viable EVCS [electric vehicle charging stations] before attempting to exploit their vulnerabilities. However, it should be noted…

Source…

Iran says cyberattack on gas stations meant to ‘disrupt lives’

/in


Massive cyberattack on Iran’s gas stations on Tuesday created shockwaves.

A day after a massive cyberattack disrupted the country’s fuel distribution system, Iranian President Ebrahim Raisi called for robust measures to “anticipate and prevent” such attacks.

Addressing a Cabinet meeting in Tehran on Wednesday, Raisi said the aim of the attack was to “disrupt people’s lives,” adding that preventing such attacks is essential.

He also urged the Oil Ministry to take necessary action to “compensate people” for the disruption caused by the attack.

After the meeting, Raisi accompanied by other senior officials visited the ministry to review a probe into the attack and its causes.

The attack took place around 11 am on Tuesday, causing widespread disruption and chaos at gas stations across Iran. It targeted the software that supports a smart card payment for subsidized fuel, used widely in Iran.

Initially, officials attributed the malfunction to “technical glitches”, but hours later it was confirmed to be a high-intensity cyberattack.

No group has so far claimed responsibility for it. Importantly, the attack came on the heels of the anniversary of November 2019 protests in Iran over fuel price hikes.

Without naming anyone, Raisi said attempts are being made to make people angry by sowing disorder and disruption.

“The purpose of this action was to disrupt people’s lives so that they can achieve their specific goals,” he asserted, without elaborating.

Raisi said Iran must be “fully prepared” to deal with cyber warfare and to “prevent the enemy from creating problems” in people’s lives.

Iran has been hit by a series of cyberattacks in recent years, mostly targeting nuclear facilities, petroleum factories, railway stations, and ports.

Officials have on many occasions blamed Israel for the attacks.

Source…