What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-01-31 01:03:00 | Tesla Moves to Build the Model Y After a Gangbusters 2018 (lien direct) | Elon Musk's car company just announced its second profitable quarter in a row, but keeping the momentum going requires more focus on costs, and a move overseas. | Tesla | ||
|
2019-01-20 14:00:00 | Tesla\'s Cost-Cutting Layoffs and More This Week in Car News (lien direct) | Elon Musk prepares for lean times, news from CES and the Detroit Auto Show, and more in the future of cars. | Tesla | ||
|
2019-01-19 01:26:04 | Tesla Investors Suing Musk Can Subpoena Azealia Banks and Grimes (lien direct) | Shareholders are suing Elon Musk over that "taking Tesla private" tweet, and just got the right to subpoena Banks and Grimes. | Tesla | ||
|
2019-01-18 22:46:05 | Tesla Lays Off 3,000 Workers in Cost-Cutting Effort (lien direct) | CEO Elon Musk says the layoffs will help the electric car maker as it leans into the tough job of building mass-market cars. | Tesla | ||
 |
2019-01-16 14:59:04 | Car and almost $1m on offer for Tesla Model 3 hacks (lien direct) | >The electric car maker is raising the ante in automotive security, putting one of its swanky models as a target at a hacking contest | Tesla | ||
 |
2019-01-16 09:59:03 | NVIDIA Tesla T4 GPUs in Beta on the Google Cloud Platform (lien direct) | The Google Cloud Platform is the first cloud vendor to provide its customers with access to NVIDIA's professional Tesla T4 GPU, via a beta program with instances available for customers from Brazil, India, Netherlands, Singapore, Tokyo, and the United States. [...] | Tesla | ||
 |
2019-01-15 14:10:02 | Huge prizes up for grabs for anyone who can hack a Tesla (lien direct) |  This year, for the first time ever, a popular car will be amongst the products hackers will be trying to exploit at the Pwn2Own contest.
Read more in my article on the Hot for Security blog.
|
Hack | Tesla | |
 |
2019-01-14 22:51:04 | A security conference will let you hack a Tesla car and earn cash prizes (lien direct) | Pwn2Own CanSecWest organizers will have a car on-site and let security researchers try their luck. | Hack | Tesla | |
|
2019-01-13 14:00:00 | CES\'s Flying Taxis, and More of This Week\'s Car News (lien direct) | A Hyundai with legs, a Tesla Model S robot death stunt, and all the happenings out of Vegas that you missed. | Tesla | ||
|
2019-01-12 13:00:00 | A Flying Tesla? Sure! We Calculate the Power Demands (lien direct) | Elon says he'd use SpaceX propulsion tech to make a Roadster take flight, and we have thoughts. | Tesla | ||
|
2019-01-09 02:29:04 | A Tesla-Robot \'Crash\' Stunt Shows We Need Robocar Schooling (lien direct) | The seemingly hoax-y death of 'Promobot' is a handy justification for the newly launched Partnership for Automated Vehicle Education. | Tesla | ||
|
2019-01-06 18:01:05 | Tesla\'s Price Cut, and More Car News From This Week (lien direct) | Plus, New York cancels a much-hyped subway shutdown, self-driving cars have an interesting 2018, and we ride an odd, three-wheeled electric vehicle. | Tesla | ||
|
2019-01-02 23:43:02 | Tesla\'s $7,500 Tax Credit Goes Poof, But Buyers May Benefit (lien direct) | To offset the phase-out of the federal tax credit, Tesla cut the price of its cars by $2,000-which might be better for some buyers. | Tesla | ||
|
2018-12-30 15:00:00 | The Best Tech Quotes of the Year (lien direct) | Fourteen memorable lines, from an ethicist ruing the use of CRISPR to edit a baby's genes, to Elon Musk's "plan" to take Tesla private. | Tesla | ||
 |
2018-12-27 16:37:03 | La Tesla Model 3 rootée (lien direct) | Le hacker Trsohmers a mis en ligne sur Reddit, une petite vidéo dans laquelle on peut voir l’ordinateur de bord de la Tesla totalement rootée, avec une distrib Ubuntu et tout ce qui va avec. C’est trop cool 🙂 Et évidemment, en regardant cette vidéo, j’ai une petite pensée pour … Suite | Tesla | ||
|
2018-12-24 12:00:00 | Forget Elon Musk\'s Troubles-Tesla Had a Blockbuster 2018 (lien direct) | Look past the CEO's antics, and it's clear the automaker spent the year clearing major, long-standing hurdles. | Tesla | ||
|
2018-12-19 05:50:03 | Elon Musk Unveils the Boring Company\'s Car-Flinging Tunnel (lien direct) | The Tesla and SpaceX CEO showed off the details of his latest scheme to slay traffic. | Tesla | ||
|
2018-12-16 14:00:00 | Inside Elon Musk\'s Production Hell and More This Week in Cars (lien direct) | We go deep into the Tesla CEO's very difficult past few years, hop aboard a self-driving truck, ogle Aston Martin's hypercar, and more. | Tesla | ||
|
2018-12-13 11:00:00 | Dr. Elon & Mr. Musk: Life Inside Tesla\'s Production Hell (lien direct) | Unfettered genius. Unpredictable rages. Here's what it was like to work at Tesla as Model 3 manufacturing ramped up and the company's leader melted down. | Guideline | Tesla | |
|
2018-12-11 01:18:03 | Elon Musk Abuses Tesla Autopilot on *60 Minutes* (lien direct) | By ignoring his company's instructions, Musk risked making the public even more confused about how to safely use the semi-autonomous system. | Tesla | ||
|
2018-12-09 14:00:00 | Waymo\'s Self-Driving Launch, and More This Week in Cars (lien direct) | But the announcement came with serious caveats. Plus: Tesla's Autopilot, May Mobility, and scooters. | Tesla | ||
 |
2018-12-06 14:00:00 | Password Stealers Aren\'t Letting up Any Time Soon (lien direct) | Password security has always been a challenge. Brute force attacks are constantly getting more powerful, but they aren’t the only threat you have to worry about. A range of password stealing malware continues to grow in popularity. One example, Agent Tesla, has seen its detection rate grow 100% in just three months, according to data from LastLine. Despite this rapid growth, Agent Tesla is far from the most popular. That title goes to Pony, which represents 39% of the total password stealer detections, according to Blueliv’s 2018 report, The Credential Theft Ecosystem. LokiPWS and KeyBase trailed Pony at 28% and 16%, respectively. These password stealers are each capable of stealing credentials and other information from a wide variety of programs. Each is unique with its own techniques for delivery and a range of features that hackers can use to mount attacks. Despite the differences, each of these programs can have severe impacts on their victims. The negative impacts can range from having all of the money stolen from an individual’s accounts, to the theft of a company’s intellectual property. The key features of some of the most common password stealers are listed below: Agent Tesla Like most password stealers, Agent Tesla can access a wide variety of your information, ranging from your credentials to your keystrokes. It can even take screenshots and videos from your device’s camera. Agent Tesla targets a number of major programs, including web browsers, email clients, FTP applications and other commonly used software. Once Agent Tesla has been installed on a target’s computer, it can also be used to download other malware. This feature allows threat actors to intensify their attacks and make them even more devastating. Its pricing shows that the malware industry hasn’t been left behind in the X-as-a-service boom, because it is available as part of a plan that starts from $15 per month. This price includes all the 24/7 support someone might need to assist them in their criminal endeavors. Of course, payments are made in Bitcoin. Despite running what must have been an incredibly profitable business, Agent Tesla’s creators have recently posted an update stating it will crack down on illegal use of the program. Under its terms of service, it declares that the software must only be used within the law, but features such as anti-antivirus throw these intentions into question. Due to the recent media attention that Agent Tesla has received, the developers will strip some of its more questionable features, such as anti-antivirus and webcam capture. They also claim to be banning those who are using the program maliciously. Only time will tell whether the creators are sincere, or if this is merely an attempt to keep the authorities from knocking down their doors. Pony Pony is currently the most popular password stealer, but it’s certainly not new. In the past, it has been used to control a number of enormous botnets, which by 2013 had already stolen more than two million credential sets. In 2014, it involved into a series of attacks that stole $200,000 worth of cryptocurrencies, as well as 700,000 sets of credentials. In recent years, Pony has seen prominence as a loader alongside other malware, such as CryptoWall and Angler. These programs, a type of ransomware and an exploit kit, respective | Malware Threat | Tesla | |
|
2018-12-04 01:27:04 | A Sleeping Tesla Driver Highlights Autopilot\'s Biggest Flaw (lien direct) | California Highway Patrol officers used a clever trick to stop a Tesla going 70 mph with a sleeping man at the wheel. | Tesla | ||
|
2018-11-28 14:00:00 | IAM and Common Abuses in AWS (lien direct) |
This is the first of a 4 part blog series on security issues and monitoring in AWS.
Identity and Access Management (IAM) in AWS is basically a roles and permissions management platform. You can create users and associate policies with those users. And once those users are established you get set of keys (access key and a secret key), which allow you to then interact with an AWS account.
So, it's kind of like having a card key into the data center, and if you get into the data center, you have physical access to assets and you can do a bunch of things - in the AWS world there is no physical access to a data center therefore you can create keys and an API and you can interact with the API to do the same things that you would do in a physical environment, like physically racking servers in a data center.
Common IAM risks are associated with folks getting a hold of, for example, a set of keys that have some policy associated with them that enables an attacker to get into the environment and do some potentially risky stuff.
Following are a couple examples:
EC2 instance creation or deletion. This is fairly common and relatively easy to do compared with the other examples. If somebody gets a hold of a set of keys that allows them to create EC2 instances in your AWS account, that’s the first thing they're going do. There are a lot of bots out there looking for this access, and if a bot finds a set of keys that allows it to start interfacing with EC2, it's going to spin up a bunch of instances - likely to start mining cryptocurrency.
This actually happened to Tesla, a pretty good sized company with quite a few resources to allocate to securing their infrastructure. There are many examples in the news about keys getting published to GitHub inadvertently, and there are bots out there scraping GitHub looking for access keys and the second they find them they’re in your AWS account seeing what they can do.
Another scenario is roles that do automated things, like take RDS snapshots or EBS snapshots. The attacker might abuse the automated process to back up various resources like EBS or an RDS database.
If an attacker gets access to that role or the keys associated with it and takes snapshots of these resources, they can deploy a new RDS database based on the snapshot. And when they do that they get to reset the passwords associated with the database. So now they've got access to all of your data without actually having to have the passwords required on the RDS instance.
It's the same thing with the EBS (Elastic Block Store) snapshot. If somebody is able to take a snapshot, basically of a hard drive in AWS, they can launch a new instance connected to that block store and do some interesting things with it.
For example, assuming they’re able to create an SSH key pair in your account, they could launch a new instance from the snapshot and assign their key pair to the instance, giving them full access to the data of the original instance. If they can’t create SSH keys in your account, they might try to mount the snapshot to an existing instance they can already access.
Basically this is a crafty way to work around credential control and access control. This is a technique that's been used to actually exfiltrate data out of AWS, just by taking snapshots.
The last example is account hijacking. One story that got some headlines a while back involved attackers getting full control of an AWS account through a set of keys. The account was compromised so thoroughly that trust in the service was eroded to |
Tesla | ||
 |
2018-11-26 18:21:03 | A week in security (November 19 – 25) (lien direct) |
A roundup of last week's security news from November 19–25, including a business email compromise attack, deep dive into DNA testing kits, and more troubles for Tesla.
Categories:
Security world
Week in security
Tags: AndroiddnaGoogle Playlastpassmalwarephishingroundupteslaweek in security
(Read more...)
|
Tesla LastPass | ||
|
2018-11-26 13:00:00 | Rivian Wants to Do for Pickups What Tesla Did For Cars (lien direct) | RJ Scaringe's Rivian Automotive just unveiled its electric pickup truck, and it's looking good. | Tesla | ||
|
2018-11-22 00:22:05 | Smashing Security #105: Facebook, Nietzsche, Tesla, and Nicole (lien direct) |  Tesla takes customer service a step too far, is it a romantic gesture or stalking when you email 246 women called Nicole, and Carole finds herself in a Facebook dilemma.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Jessica Barker.
|
Tesla | ||
|
2018-11-18 14:00:00 | Women Pay More for Transit: This Week\'s Future of Cars News (lien direct) | Tesla, GM, and Nissan want to restore the fading tax credit for EVs; Waymo is almost ready to go; the Mustang gets electrified; and more car news. | Tesla | ||
|
2018-11-14 13:00:00 | Tesla, GM, and Nissan Unite to Save Their EV Tax Credits (lien direct) | The EV Drive Coalition will push Congress to extend the $7,500 federal tax credit for electric cars, but advocates say it could do much more. | Tesla | ||
|
2018-11-11 14:00:00 | Tesla\'s Booming Model 3 Sales and More Car News This Week (lien direct) | Elon Musk puts Tesla in the black, cities rein in scooters, and a car engineer spends a lot of time throwing up. | Tesla | ||
|
2018-11-07 12:00:00 | Booming Model 3 Sales Are Taking Tesla Mainstream (lien direct) | Elon Musk's Model 3 is the 19th best-selling vehicle in the country, as 15-year-old Tesla moves beyond its niche. | Tesla | ||
|
2018-11-04 14:00:00 | Waymo\'s Self-Driving Cars Go Human-Free, Plus More This Week in Cars (lien direct) | California lets self-driving cars go fully robo, Tesla upgrades Autopilot, Chevy makes an electric Camaro, and more. | Tesla | ||
|
2018-11-04 12:00:00 | Tesla\'s \'Navigate on Autopilot\' Changes Lanes-With the Human\'s Help (lien direct) | The newly released "Navigate on Autopilot" makes choices about when to change lanes, but depends on the human's help-help that will make the system better in the long run. | Tesla | ||
|
2018-10-31 01:24:03 | A Florida Man Is Suing Tesla for a Scary Autopilot Crash (lien direct) | The latest lawsuit over Elon Musk's semi-autonomous driving feature claims Tesla sales reps oversold the system's capabilities. | Tesla | ||
|
2018-10-28 12:00:00 | Tesla Gets Profitable and More This Week in the Future of Cars (lien direct) | Plus: Paris gives cars le boot, scooters clean up their act, and more. | Tesla | ||
|
2018-10-24 23:46:04 | Tesla\'s Finally Made a Profit, and Promises To Keep Doing It (lien direct) | Elon Musk's electric car company is pulling out of Model 3 production hell, and starting to make money. | Tesla | ||
 |
2018-10-23 07:42:00 | (Déjà vu) High-tech thieves used a relay attack to steal a Tesla Model S (lien direct) | Tesla owners, if you haven't enabled the PIN to Drive security feature to safeguard your very expensive ride, then hopefully watching the security footage of thieves quickly stealing a Tesla Model S will serve to make it a priority.Antony Kennedy, the owner of the Model S, caught surveillance footage of his fine ride being heisted. One of the crooks appears to use a tablet to capture the signal from the key fob located in the Essex, England, house. The second thief with a mobile phone in hand waits next to the car door. The relay attack took under 50 seconds until they had successfully tricked the car into responding as if the owner was standing there with the key fob. | Tesla | ||
|
2018-10-23 07:42:00 | (Déjà vu) Surveillance video shows high-tech thieves using relay attack to steal Tesla Model S (lien direct) | Tesla owners, if you haven't enabled the “PIN to Drive” security feature to safeguard your very expensive ride, then hopefully watching the security footage of thieves quickly stealing a Tesla Model S will serve to make it a priority.Antony Kennedy, the owner of the Model S, caught surveillance footage of his fine ride being heisted. One of the crooks appears to use a tablet to capture the signal from the key fob located in the Essex, England, house. The second thief with a mobile phone in hand waits next to the car door. The relay attack took under 50 seconds until they had successfully tricked the car into responding as if the owner was standing there with the key fob. | Tesla | ||
|
2018-10-22 21:59:04 | Watch how a Tesla Model S was stolen with just a tablet (lien direct) |  Criminals were able to dupe the Tesla's passive entry system into giving them access, and letting them drive away.
(But only after they struggled to unplug it.)
|
Tesla | ||
 |
2018-10-22 19:55:03 | Who Is Agent Tesla? (lien direct) | A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity -- attracting more than 6,300 customers who pay monthly fees to license the software. Although Agent Tesla includes a multitude of features designed to help it remain undetected on host computers, the malware's apparent creator seems to have done little to hide his real-life identity. | Malware | Tesla | ★★ |
|
2018-10-21 13:00:00 | Tesla\'s New Model 3, Lime\'s New Scooter, and More This Week in the Future of Cars (lien direct) | Tesla makes yet another non-$35K Model 3, battery swapping somehow comes back, yet more evidence 'semi-autonomous' driving is confusing people, and more car news. | Tesla | ||
|
2018-10-19 23:19:01 | Tesla\'s New \'Mid-Range\' Model 3 Is the iPhone XR of Cars (lien direct) | Elon Musk's unexpected version of the Model 3 will offer 260 miles of range for around $45,000, and carves out a new niche in an expanding product line. | Tesla | ||
|
2018-10-16 10:07:04 | Hackers tamper with exploit chain to drop Agent Tesla, circumvent antivirus solutions (lien direct) | A new campaign is spreading information-stealing malware including Agent Tesla and Loki. | Malware | Tesla | |
|
2018-10-15 19:47:01 | New Technique Recycles Exploit Chain to Keep Antivirus Silent (lien direct) | In a new malware campaign, cybercriminals modified a known exploit chain to push Agent Tesla info stealer without triggering detection from common antivirus products. [...] | Malware | Tesla | |
|
2018-10-07 13:00:00 | Tesla\'s Quarterly Numbers, Honda\'s Big Self-Driving Check, and More Car News (lien direct) | Plus, California is fighting the EPA over vehicle emissions, and a self-driving truck company comes out of stealth. | Tesla | ||
|
2018-10-04 22:57:04 | Tesla\'s Autopilot Report Makes Big Safety Claims With Little Context (lien direct) | Tesla's report finds drivers using Autopilot crash nearly seven times less often than the general population, but safety experts aren't convinced. | Tesla | ||
|
2018-10-02 17:55:03 | Tesla\'s Good Model 3 Numbers Prepare It for Harder Tasks Ahead (lien direct) | Tesla made a record 53,239 Model 3 electric sedans this past quarter-but it's the coming months that will really test the automaker as it aims for stability and expansion into China. | Tesla | ||
|
2018-09-29 11:00:00 | The Case Against Elon Musk Will Chill Innovation (lien direct) | Investors in Tesla and other Musk ventures should know that the CEO does not always hew to the literal truth. | Tesla | ★★★ | |
|
2018-09-23 13:00:00 | This Week in the Future of Cars: Electric Start (lien direct) | The new Audi E-tron, Tesla's crash test, the Ferrari Monzas, and more car news from this week. | Tesla | ||
|
2018-09-21 20:34:00 | Model 3 Crash Tests Hammer Home Tesla\'s Safety Excellence (lien direct) | Apart from a few hiccups and questions about Autopilot, Elon Musk's automaker knows how to make very safe cars. | Tesla |
To see everything:
Our RSS (filtrered)
