OPENLANE Canada A.I CyberSecurity Scoring
09/12/2025
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for OPENLANE Canada in 2026.
No incidents recorded for OPENLANE Canada in 2026.
No incidents recorded for OPENLANE Canada in 2026.
In a world of constant motion, life is about balance. At Dana, our balanced approach considers the people, products, and planet that sustain us all. For 120 years, we've been powering innovation to move our world. Today, over 25,000 Dana people, in more than 20 countries, advance drive and motion systems, thermal and sealing technologies, and power management innovations. Supporting traditional, hybrid, and EV manufacturers, wherever the road takes us. We're not just adapting to the future of mobility. We're shaping it. Headquartered in Maumee, Ohio, United States — Dana reported sales of $7.7 billion in 2024. We were named among the "World's Most Ethical Companies 2025” by Ethisphere and as one of "America's Most Responsible Companies 2023" by Newsweek. We’re always looking for talented people to join the Dana team. For more, please visit https://jobs.dana.com.
Our storied and iconic brands embody the passion of their visionary founders and today’s customers in their innovative products and services: they include Abarth, Alfa Romeo, Chrysler, Citroën, Dodge, DS Automobiles, Fiat, Jeep®, Lancia, Maserati, Opel, Peugeot, Ram, Vauxhall and mobility brands Free2move and Leasys. Powered by our diversity, we lead the way the world moves – aspiring to become the greatest sustainable mobility tech company, not the biggest, while creating added value for all stakeholders as well as the communities in which we operate.
At Cummins, we empower everyone to grow their careers through meaningful work, building inclusive and equitable teams, coaching, development and opportunities to make a difference. Across our entire organization, you'll find engineers, developers, and technicians who are innovating, designing, testing, and building. You'll also find accountants, marketers, as well as manufacturing, quality and supply chain specialists who are working with technology that's just as innovative and advanced. From your first day at Cummins, we’re focused on understanding your talents, current skills and future goals – and creating a plan to get you there. Your journey begins with planning your development and connecting to diverse experiences designed to spur innovation. From our internships to our senior leadership roles, we attract, hire and reward the best and brightest from around the world and look to them for new ideas and fresh perspectives. Learn more about #LifeAtCummins at cummins.com/careers.
Bridgestone Americas, Inc. (BSAM), headquartered in Nashville, Tennessee, and Bridgestone Europe, Middle East and Africa (BSEMEA), headquartered in Brussels, Belgium, operate collectively as a “Bridgestone West” strategic region. This region services the strategic business needs of teams across the Americas, Europe, Middle East and Africa. BSAM and BSEMEA are subsidiaries of Bridgestone Corporation, globally headquartered in Japan. Bridgestone and its subsidiaries develop, manufactures and markets a diverse portfolio of original equipment and replacement tires, tire-centric solutions, mobility solutions and other rubber-associated and diversified products that deliver social and customer value. These best-in-class offerings are sold to consumers and fleet customers around the world under the trusted Bridgestone and Firestone brand names. With more than 50 production facilities and 55,000 employees, the Bridgestone Americas (BSAM) enterprise spans from Canada to Argentina. Business units of Bridgestone Americas include Bridgestone Retail Operations, the world’s largest network of company-owned retail tire and automotive service centers; Bandag, a leader in commercial tire retreading worldwide and Firestone Industrial Products, a leading provider of technologically advanced air springs for commercial and passenger vehicle applications. At Bridgestone, you are Free to Be We believe people can only provide superior service and quality to others when they bring their whole self to work. We believe in championing all perspectives, individuals and teams because we understand the importance of seeing the world and our business through many different lenses. We are building a team as diverse as the world we serve. So, show us what you are made of, because who you are is what we need. To view our terms of use, visit https://www.bridgestoneamericas.com/en/terms-of-use.
General Motors’ vision is to create a world with Zero Crashes, Zero Emissions and Zero Congestion, and we have committed ourselves to leading the way toward this future. Today, we are in the midst of a transportation revolution, and we have the ambition, the talent and the technology to realize the safer, better and more sustainable world we want. As an open, inclusive company, we’re also creating an environment where everyone feels welcomed and valued for who they are. One team, where all ideas are considered and heard, where everyone can contribute to their fullest potential, with a culture based in respect, integrity, accountability and equality. Our team brings wide-ranging perspectives and experiences to solving the complex transportation challenges of today and tomorrow. For information on the GM Privacy Statement, please visit http://www.gm.com/privacy-statement.html
Everything we do starts with people. Our purpose is to provide freedom to move, in a personal, sustainable and safe way. We are committed to simplifying our customers’ lives by offering better technology solutions that improve their impact on the world and bringing the most advanced mobility innovations to protect them, their loved ones and the people around them. Volvo Cars’ continued success is the result of a collaborative, diverse, and inclusive working environment. The people of Volvo Cars are committed to making a difference in our world. Today, we are one of the most well-known and respected car brands, with over 40,000 employees across the globe. We believe in bringing out the best in each other and harnessing the true power of people. At Volvo Cars your career is designed around your talents and aspirations so you can reach your full potential. Join us on a journey of a lifetime as we create safety, autonomous driving and electrification technologies of tomorrow. Read about our privacy policy here: http://volvoca.rs/privacy
Daimler AG is one of the biggest producers of premium cars and the world’s largest manufacturer of commercial vehicles with a global reach. The Daimler Group has divisions including Mercedes-Benz Cars, Daimler Trucks, Mercedes-Benz Vans, Daimler Buses and Daimler Financial Services. As a pioneer of automotive engineering, we continue to shape the future of mobility today: Our focus is on innovative and green technologies as well as on safe and superior automobiles that appeal to and fascinate our customers. Today, we are one of the world’s most successful automotive companies. Further information and career opportunities can be found on: http://www.daimler.com/career/job-search/locations/
Honda Cars India Ltd. (HCIL), a leading manufacturer of premium cars in India, was established in December 1995 with a commitment to provide Honda’s passenger car models and technologies, to the Indian customers. HCIL’s corporate office is based in Greater Noida, UP and its state-of-the-art manufacturing facility is located at Tapukara, District. Alwar, Rajasthan. Honda’s models are strongly associated with advanced design and technology, apart from their established qualities of durability, reliability, safety, and fuel-efficiency. The company has a strong sales and distribution network spread across the country. Besides the new car business, Honda offers one stop solution for buying and selling pre-owned cars through its business function Honda Auto Terrace. The Honda Certified Pre-owned cars come with an assurance of quality and peace of mind that caters to the diverse and burgeoning needs of pre-owned car buyers across the country.
We’re united by one purpose: to be the most trusted partner and the best manufacturer and distributor to the transportation industry. And we’re doing it by leaning into the one thing no one can copy: our culture — our sustainable competitive advantage. The Tenneco Way combines our Core Values, our mindset, and our commitment to developing ourselves and our teams. It’s how we create opportunities for our employees, deliver excellence for our customers, and build the capability that drives our future success. This is how we win. This is how we lead. This is The Tenneco Way. Learn more at Tenneco.com.
Latest updates, reports, and threat intel affecting the global network.
On November 18, 2025, OPENLANE, Inc. and its subsidiary AFCI amended their Canadian Receivables Purchase Agreement, increasing the program...
Carmel-based OpenLane announced Monday that it plans to acquire Manheim Canada from Atlanta-based Cox Automotive in a $95 million deal...
Christine Collins, Director of Incident Response and Investigations and co-lead of LGBTQ+ at OPENLANE, chats with us about PRIDE,...
Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM is enabled) that serves files from a configured root directory. Before this fix, both the HTTP/1 and HTTP/2 front-ends placed the raw, attacker-controlled request path into client-url_buffer (assembled in on_url() for HTTP/1 and copied verbatim from the :path pseudo-header for HTTP/2) without resolving ./.. segments. The static-FS handler then built the on-disk filename by directly concatenating the configured root with that raw URL (snprintk(fname, ..., "%s%s", static_fs_detail-fs_path, client-url_buffer) at http_server_http1.c:603 and http_server_http2.c:490) and opened it with fs_open(fname, FS_O_READ). Because the handler is reached via wildcard/leading-dir (fnmatch FNM_LEADING_DIR) or fallback resource matching, a request such as GET /<prefix/../../<file is dispatched to the handler and, after the underlying filesystem (e.g. LittleFS/FAT) resolves the .. segments, escapes the configured web root, letting an unauthenticated remote client read arbitrary readable files on the mounted volume (information disclosure). The HTTP server requires no TLS or authentication to reach this path. The fix adds http_server_remove_dot_segments(), which canonicalizes the path portion of the URL before resource lookup in both protocol handlers, neutralizing the traversal. Affects releases v4.0.0 through v4.4.0 for deployments that register a static-filesystem resource.
The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was '((length/hop/source/target checks) && (icmp_hdr-code != 0))'. Because every legitimate ND message carries ICMPv6 code 0, an attacker setting code == 0 (the normal value) caused the entire predicate to evaluate false, so the packet was never dropped and all of the other checks were silently skipped. The bypassed checks include the mandatory Hop Limit == 255 verification (which proves an ND packet originated on-link and was not forwarded) and, for Router Advertisements, the requirement that the source be a link-local address, as well as multicast-target sanity checks. As a result, an adjacent on-link attacker — and, because the Hop-Limit-255 guard is bypassed, potentially a remote/off-link attacker whose packets would otherwise be rejected — can have forged Router Advertisement, Neighbor Solicitation, and Neighbor Advertisement messages accepted. A forged RA lets the attacker reconfigure the victim's default router, on-link prefixes (SLAAC), MTU, reachable/retransmit timers, and (with CONFIG_NET_IPV6_RA_RDNSS) DNS servers, while forged NS/NA enable neighbor-cache poisoning, enabling man-in-the-middle, traffic redirection, and denial of service. The flaw is an input-validation/authentication weakness rather than a memory-safety issue: the underlying packet-parsing primitives (net_pkt_get_data, net_pkt_read, net_pkt_skip) are independently bounds-safe and the validated 'length' is the true buffer length, so skipping the length check causes no out-of-bounds access. The defect has existed since the logic was introduced in 2018 and shipped in all releases through v4.4.0; it is fixed by splitting the condition so any failing check drops the packet.
A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service (DoS) via a crafted payload.
A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a Denial of Service (DoS) via a crafted packet.
mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of smp_packet_alloc() before checking it for NULL. smp_packet_alloc() uses net_buf_alloc(K_NO_WAIT) against the shared MCUmgr packet pool (CONFIG_MCUMGR_TRANSPORT_NETBUF_COUNT, default 4), which returns NULL when the pool is exhausted. In default builds the __ASSERT_NO_MSG in net_buf_reset is a no-op, so net_buf_simple_reset writes through the NULL pointer (buf->len = 0; buf->data = buf->__buf), causing a fault/crash. The fragment data reaches this code from attacker-controlled bytes on the MCUmgr serial/UART/shell-console transports (smp_uart.c, smp_raw_uart.c, smp_shell.c), and a fresh buffer is allocated at the start of essentially every new packet. An attacker on the serial/console link can flood the transport to drive the 4-entry buffer pool to exhaustion and induce the NULL dereference, crashing the device (denial of service). The defect was introduced after the original MCUmgr rework and shipped in Zephyr v4.4.0. The fix moves the NULL check ahead of net_buf_reset.
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.