What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
AlienVault.webp 2018-07-20 13:00:00 Things I Hearted this Week, 20th July 2018 (direct link) INFOSEC RECRUITING - IS THE INDUSTRY CREATING ITS OWN DROUGHT We've all been blasted with many a report that infosec has a massive skills gap. But what if the problem doesn't lie with the lack of skilled professionals, but the hiring process itself? Thomas Fischer makes a compelling argument, using some of his personal recent experiences from both sides of the hiring process. InfoSec Recruiting – Is the Industry Creating its own Drought? | Liquid Matrix GDPR Did you think that discussions around GDPR were over? You thought wrong. Want to avoid GDPR fines? Adjust your IT Procurement methods | HelpNetSecurity SEXTORTION SCAMS A clever new twist on an extortion email scam includes a password the recipient previously used at a hacked website, to lend credence to claims that the sender has hacked the recipient's computer / webcam and recorded embarrassing videos. Sextortion Scam Uses Recipient’s Hacked Passwords | Krebs on Security TESLA Elon Musk continues to make the headlines, sometimes for the right, and other times for the wrong reasons. But it's worth taking a look at the company's security. While there was the infamous email a few weeks back where Musk pointed the finger of blame to a rogue employee, it's not the first case of cybersecurity gone wrong in the company. Tesla sued an oil-industry executive for impersonating Musk in an email. The trickster's goal was to undermine Tesla's energy-efficient transportation. Here’s why Tesla has been sabotaged twice in two years — lax network security | Last Watchdog Tesla APT 1
WiredThreatLevel.webp 2018-07-20 12:00:00 Beyond Elon Musk's Drama, Tesla's Cars Are Thrilling Drivers (direct link) Look beyond the Twitter antics and the up-and-down stock price, and you'll find a growing mass of happy customers. Tesla
grahamcluley.webp 2018-07-18 11:49:03 Elon Musk retracts vile Twitter accusation against cave rescuer (direct link) Tesla chief Elon Musk retracts his unfounded allegations against man who helped boys escape from a Thai cave, but scammers are given another opportunity to strike. Tesla
WiredThreatLevel.webp 2018-07-12 20:41:05 The Terrible Timing of Tesla's Expiring $7,500 Tax Credit (direct link) Now that Elon Musk's car company is finally putting out the more affordable Model 3, it could be a problem. Tesla
WiredThreatLevel.webp 2018-07-11 22:20:03 The Engineering Behind Elon Musk's Bid to Save Thailand's Cave Boys (direct link) The SpaceX and Tesla CEO's work to help the rescue operation captivated the internet and reinforced the most flattering image of Musk, as a brilliant engineer with a nose for unexpected solutions to pressing problems. Tesla Tesla
WiredThreatLevel.webp 2018-07-07 13:00:00 Tesla Hits Its Goals, Lyft Buys Into Bikes, and More Car News This Week (direct link) Plus: GM's self-driving cars get into a scrape, China considers rolling back incentives for going electric, and more. Tesla Tesla
WiredThreatLevel.webp 2018-06-23 00:33:00 How Tesla Is Building Cars in Its Parking Lot (direct link) We dug through the permits Elon Musk's automaker filed for the right to start building Model 3 sedans in a semi-permanent tent outside its Fremont factory. Tesla Tesla
SecurityWeek.webp 2018-06-22 17:29:01 Tesla Breach: Malicious Insider Revenge or Whistleblowing? (direct link) Tesla Breach Just before midnight last Sunday evening (June 17, 2018), Elon Musk sent an email to all staff. He was dismayed, he said, to learn about a Tesla employee "making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties." Tesla Tesla
AlienVault.webp 2018-06-22 13:00:00 Things I Hearted this Week, 22nd June 2018 (direct link) The Tesla Insider Elon Musk sent out an email stating an employee had stabbed the company in the back like Brutus, changing production code, and leaking inside information. I'll admit that like many people who have talked about or written about insider threats in the past, I instinctively punched the air and yelled, "YES! I warned you but you didn't listen." The incident is also notable for the impact it had on the company's share price which dropped more than 6% in trading. "I was dismayed to learn this weekend about a Tesla employee who had conducted quite extensive and damaging sabotage to our operations, this included making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties." Insider threats defined | AlienVault Tesla hit by insider saboteur who changed code, exfiltrated data | SC Magazine Tesla sinks after Elon Musk says an employee conducted 'sabotage' and Trump ramps up fears of a trade war (TSLA) | Business Insider Can't Fix Won't Fix, Don't Fix Organisations cannot afford to view penetration testing as a tick box exercise. How should they mitigate the fact some vulnerabilities can’t be fixed, won’t be fixed, and in some instances, actually shouldn’t be fixed? Can’t fix, won’t fix, don’t fix: Is it time for businesses to rethink how they action pen test results?| IT Pro Portal On the topic of pen tests, check out Adrian Sanabria's presentation slides from RSA earlier this year on killing the pen test. It's time to kill the pen test (PDF) | RSAconference To add balance, and to convince you pen testers out there that I'm not a bad person who hates all pen testers, here's an awesome collection of penetration testing resources that include tools, online resources, books, courses, conferences, magazine...
Awesome Penetration Testing | Kinimiwar, GitHub A Case Study In Bad Disclosure Imagine you're a researcher and have found a vulnerability, you then disclose it responsibly to a vendor, then that vendor fixes the issue - but instead of sending the chopper over to you with a care package, they pretend like you didn't exist. Akin to Tom Cruise getting disavowed in every single Mission Impossible movie. Then imagine that vendor submitted the vulnerability details to Google and received a bug bounty award to the tune of $5,000. Then to top it off, they sat back in a massive reclining chair, threw their head back and laughed as they donated the full $5,000 to a good cause. Hack Vulnerability Guideline Bithumb Tesla Tesla
grahamcluley.webp 2018-06-21 10:33:02 Ex-Tesla employee sued for hacking and stealing company data (direct link) Tesla claims former employee has admitted writing software that hacked company systems, and leaked data to external third parties. Tesla
Blog.webp 2018-06-21 09:05:02 GUEST ESSAY: Here's why Tesla has been sabotaged twice in two years - lax network security (direct link) The disclosure earlier this week that Tesla CEO Elon Musk reportedly informed all of his employees about a rogue worker conducting “extensive and damaging sabotage” to the company's operations very much deserves the news coverage it has gotten. Related: The 'golden age' of cyber spying is upon us Musk reportedly sent out an internal email […] Tesla
no_ico.webp 2018-06-20 13:40:02 Tesla Hit By 'Damaging Sabotage' By Employee (direct link) On Sunday night, Tesla CEO Elon Musk sent an email to all employees alleging there was a saboteur within the company's ranks. Musk said this person had conducted “quite extensive and damaging sabotage” to the company’s operations, including by changing code to an internal product and exporting data to outsiders. IT security experts commented below. Chris … The ISBuzz Post: This Post Tesla Hit By ‘Damaging Sabotage’ By Employee Tesla
TechRepublic.webp 2018-06-19 13:31:05 Tesla employee sabotage illustrates critical importance of user permissions (direct link) Tesla CEO Elon Musk claims the firm suffered 'extensive and damaging sabotage,' including code tweaks and leaked secrets. Tesla
grahamcluley.webp 2018-06-19 11:44:03 Tesla saboteur caused extensive damage and leaked highly sensitive data, claims Elon Musk (direct link) Tesla CEO Elon Musk believes that the company is the victim of deliberate sabotage perpetrated by an employee. Read more in my article on the Hot for Security blog. Tesla
WiredThreatLevel.webp 2018-06-17 13:00:00 Elon Musk Digs Chicago, Byton's Tesla-Fighter, and More Car News This Week (direct link) Plus: Volvo gets some lidar, Seattle's high-tech tunnel, and Boeing tries to make the future of flight a lot more fun. Tesla
ErrataRob.webp 2018-05-23 18:45:27 The devil wears Pravda (direct link) Classic Bond villain, Elon Musk, has a new plan to create a website dedicated to measuring the credibility and adherence to "core truth" of journalists. He is, without any sense of irony, going to call this "Pravda". This is not simply wrong but evil. Musk has a point. Journalists do suck, and many suck consistently. I see this in my own industry, cybersecurity, and I frequently criticize them for their suckage. But what he's doing here is not correcting them when they make mistakes (or what Musk sees as mistakes), but questioning their legitimacy. This legitimacy isn't measured by whether they follow established journalism ethics, but whether their "core truths" agree with Musk's "core truths". An example of the problem is how the press fixates on Tesla car crashes due to its "autopilot" feature. Pretty much every autopilot crash makes national headlines, while the press ignores the other 40,000 car crashes that happen in the United States each year. Musk spies on Tesla drivers (hello, classic Bond villain everyone) so he can see the dip in autopilot usage every time such a news story breaks. He's got good reason to be concerned about this. He argues that autopilot is safer than humans driving, and he's got the statistics and government studies to back this up. Therefore, the press's fixation on Tesla crashes is illegitimate "fake news", titillating the audience with distorted truth. But here's the thing: that's still only Musk's version of the truth. Yes, on a mile-per-mile basis, autopilot is safer, but there's nuance here. Autopilot is used primarily on freeways, which already have a low mile-per-mile accident rate. People choose autopilot only when conditions are incredibly safe and drivers are unlikely to have an accident anyway. Musk is therefore being intentionally deceptive comparing apples to oranges.
Autopilot may still be safer, it's just that the numbers Musk uses don't demonstrate this. And then there is the truth calling it "autopilot" to begin with, because it isn't. The public is overrating the capabilities of the feature. It's little different than "lane keeping" and "adaptive cruise control" you can now find in other cars. In many ways, the technology is behind -- my Tesla doesn't beep at me when a pedestrian walks behind my car while backing up, but virtually every new car on the market does. Yes, the press unduly covers Tesla autopilot crashes, but Musk has only himself to blame by unduly exaggerating his car's capabilities by calling it "autopilot". What's "core truth" is thus rather difficult to obtain. What the press satisfies itself with instead is smaller truths, what they can document. The facts are in such cases that the accident happened, and they try to get Tesla or Musk to comment on it. What you can criticize a journalist for is therefore not "core truth" but whether they did journalism correctly. When such stories criticize "autopilot", but don't do their diligence in getting Tesla's side of the story, then that's a violation of journalistic practice. When I criticize journalists for their poor handling of stories in my industry, I try to focus on which journalistic principles they get wrong. For example, the NYTimes reporters do a lot of stories quoting anonymous government sources in clear violation of journalistic principles. If "credibility" is the concern, then it's the classic Bond villain h Tesla
itsecurityguru.webp 2018-05-18 09:37:05 Tesla confirms autopilot involved in Utah crash but seeks to blame driver (direct link) A Tesla car was driving in “autopilot” mode when it crashed into a stopped firetruck in Utah, the company said in a report to police that repeatedly cast blame on the driver, not its semi-autonomous driving system. View Full Story ORIGINAL SOURCE: The Guardian Tesla
Blog.webp 2018-05-03 20:00:05 Next privacy trap for consumers? Their cars. (direct link) With flak still flying in the battle over the privacy of data shared on social networks, consumer advocates are raising a red flag about the data that is being collected and shared using another type of consumer platform: automobiles. Manufacturers such as BMW, General Motors (GM), Nissan, Tesla and Toyota are selling vehicles with data... Tesla
SecurityAffairs.webp 2018-04-08 08:22:03 Experts spotted a campaign spreading a new Agent Tesla Spyware variant (direct link) A new variant of the infamous Agent Tesla spyware was spotted by experts at Fortinet, the malware has been spreading via weaponized Microsoft Word documents. Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware […] Tesla
SecurityWeek.webp 2018-04-07 16:58:01 New Agent Tesla Spyware Variant Discovered (direct link) A new variant of the Agent Tesla spyware has been spreading via malicious Microsoft Word documents, Fortinet reports. Tesla
TechWorm.webp 2018-03-25 15:24:01 Elon Musk deletes SpaceX and Tesla pages from Facebook (direct link) Elon Musk Deletes Facebook Pages For Space X And Tesla Recently, a whistleblower, Christopher Wylie shocked the world when he revealed that data analysis firm Cambridge Analytica and Facebook were involved in a scandal wherein the former illegally lifted data of millions of Facebook users without their knowledge and consent and used it to influence […] Tesla
The_Hackers_News.webp 2018-03-23 05:45:02 Facebook and Cambridge Analytica – What's Happened So Far (direct link) Top Story- Facebook has just lost over $60 billion in market value over the past two days-that's more than Tesla's entire market capitalisation and almost three times that of Snapchat. Facebook shares plunge over revelations that personal data of 50 million users was obtained and misused by British data analytics firm 'Cambridge Analytica,' who reportedly helped Donald Trump win the US Tesla
Trend.webp 2018-03-21 12:01:00 Cryptocurrency Miner Distributed via PHP Weathermap Vulnerability, Targets Linux Servers (direct link) Through our incident response-related monitoring, we observed intrusion attempts whose indicators we've been able to correlate to a previous cryptocurrency-mining campaign that used the JenkinsMiner malware. The difference: this campaign targets Linux servers. It's also a classic case of reused vulnerabilities, as it exploits a rather outdated security flaw whose patch has been available for nearly five years. Feedback from Trend Micro's Smart Protection Network indicates it's an active campaign, primarily affecting Japan, Taiwan, China, the U.S., and India. Tesla
Blog.webp 2018-03-20 22:47:05 Autonomous vehicles could save more lives than they take. That might not matter. (direct link) Autonomous driving technology has the potential to save many more lives than it takes. But that may not matter if the public becomes convinced that autonomous vehicles are a danger to society. Will the death of a pedestrian in Tempe, Arizona derail the self-driving car initiatives of firms like Uber, General Motors and Tesla? The answer greatly... Uber Tesla
SecurityWeek.webp 2018-03-20 07:03:01 Coverity Scan Hacked, Abused for Cryptocurrency Mining (direct link) Coverity Scan, a free service used by tens of thousands of developers to find and fix bugs in their open source projects, was suspended in February after hackers breached some of its servers and abused them for cryptocurrency mining. Synopsys, which acquired Coverity in 2014, started notifying Coverity Scan users about the breach on Friday. The company said malicious actors gained access to Coverity Scan systems sometime in February. “We suspect that the access was to utilize our computing power for cryptocurrency mining,” Synopsys told users. “We have not found evidence that database files or artifacts uploaded by the open source community users of the Coverity Scan service were accessed. We retained a well-known computer forensics company to assist us in our investigation.” Synopsys says the service is now back online and it believes the point of access leveraged by the attackers has been closed. In order to regain access to Coverity Scan, users will need to reset their passwords. “Please note that the servers in question were not connected to any other Synopsys computer networks. This should have no impact on customers of our commercial products, and this event did not put any Synopsys corporate data or intellectual property at risk,” users were told. Cybercriminals have become increasingly interested in making a profit by hacking PCs and servers and abusing them to mine cryptocurrencies. Cryptocurrency mining malware can target a wide range of devices, including industrial systems. One recent high-profile victim was the carmaker Tesla, whose Kubernetes pods were compromised and used for cryptocurrency mining. According to RedLock, which discovered the breach, hackers gained access to Tesla's Kubernetes console due to the lack of password protection.
Related: Avoid Becoming a Crypto-Mining Bot - Where to Look for Mining Malware and How to Respond Related: Linux Malware Targets Raspberry Pi for Cryptocurrency Mining Uber Tesla
AlienVault.webp 2018-02-23 14:00:00 Things I Hearted this Week 23rd Feb 2018 (direct link) This week seems to have flown past very quickly. We’re almost at the end of February but the security goodness (and badness depending on which side of the fence you sit) keeps rolling in at breakneck speed. I’m actually contemplating moving somewhere warm for the rest of winter. Not that it gets unbearably cold in London, but the winter does seem to drag on with grey skies and rain, and a never-ending cycle of colds, sniffles, not to mention the life-threatening “Man Flu!” But enough about me, let’s jump into the security goodness! Threat modeling Threat models are great, and poorly understood, or used by security professionals as a universal ‘get out of jail card’. “Why don’t you have 2FA on your web app?” “Oh, that’s not in our threat model.” “Why don’t you sandbox this?” “Oh, that’s not in our threat model” “Why don’t you have your threat model documented?” “Oh, that’s not in our threat model” It’s like the security equivalent to the business saying they “accepted the risk”. An interesting piece in CSO magazine takes a look at common threat model mistakes. 7 threat modeling mistakes you’re probably making | CSO What is threat modeling? | Motherboard Two Billion! Two billion (with a B), that’s the number of files apparently leaked in the US during 2017. The most common type of breach after hacking was unintended disclosure such as cloud storage misconfigurations. That means that millions of records could have been kept secure had someone brushed up on their AWS S3 Bucket security skills and not ticked the box to make it public. We’ve found the APT, the APT is us!
Two Billion Files Leaked in US Data Breaches in 2017 | Infosecurity Magazine The US witnesses significant number of healthcare breaches in 2017 | Healthcare Global A SWIFT $6m Unknown hackers stole 339.5 million roubles ($6 million) from a Russian bank last year in an attack using the SWIFT international payments messaging system. Well, that’s a surprise. It’s not like SWIFT has been targeted ever for malicious purposes… Hackers stole $6 million from Russian bank via SWIFT system: central bank | Reuters India's City Union Bank CEO says suffered cyber hack via SWIFT system | Reuters Tesla
TechWorm.webp 2018-02-22 20:03:04 Hackers exploit Tesla's cloud systems to mine cryptocurrency (direct link) Hackers Hijack Tesla's AWS servers, Use It To Mine Cryptocurrency Tesla, the electric car manufacturer based in Palo Alto, California, is the latest victim of crypto-mining malware that allowed the hackers to covertly mine cryptocurrency – an attack known as 'crypto-jacking'. Researchers from the RedLock Cloud Security Intelligence (CSI) team discovered the breach on Tesla-owned Amazon cloud […] Tesla
SecurityAffairs.webp 2018-02-22 19:06:02 Hackers compromised a Tesla Internal Servers with a Cryptocurrency miner (direct link) Cloud security firm RedLock discovered that hackers have compromised the Tesla cloud computing platform to mine cryptocurrency. Tesla has confirmed that hackers have compromised its cloud computing platform to mine cryptocurrency, after the incident was discovered by cloud security firm RedLock. The hackers have breached the Tesla cloud servers and have installed a crypto currency […] Tesla
no_ico.webp 2018-02-22 10:15:01 Tesla AWS Hack (direct link) The ISBuzz Post: This Post Tesla AWS Hack Tesla
BBC.webp 2018-02-21 14:47:01 Tesla investigates claims of crypto-currency hack (direct link) The company says that only internally used engineering test cars have been affected. Tesla
itsecurityguru.webp 2018-02-21 14:10:04 Confidential data stolen from Tesla after staff failed to secure cloud server (direct link) According to researchers at cloud security firm RedLock Ltd., hackers infiltrated Tesla's Kubernetes software console after the company failed to secure it with a password. Within one of the Kubernetes pods, a group of software containers deployed on the same host, sat the access credentials to Tesla's Amazon Web Service Inc. account. The hackers then stole confidential data, ... Uber Tesla
ZDNet.webp 2018-02-20 14:00:02 Tesla cloud systems exploited by hackers to mine cryptocurrency (direct link) Researchers have discovered that Tesla's AWS cloud systems were compromised for the purpose of cryptojacking. Tesla
bleepingcomputer.webp 2018-02-20 11:58:04 Tesla Internal Servers Infected with Cryptocurrency Miner (direct link) Hackers have breached Tesla cloud servers used by the company's engineers and have installed malware that mines the cryptocurrency. [...] Tesla
Korben.webp 2018-02-01 09:21:30 Tesla's Autopilot on Video (direct link) Because YouTube isn't only compilations of road accidents, here is a compilation of dashcam footage from Teslas avoiding collisions that are sometimes hard for humans to detect. Often, too, it is the person behind the wheel who is being negligent. Finally, … More Tesla
Korben.webp 2018-01-31 14:55:18 An identical radio sequence remotely opens the charge port flaps of all Tesla cars (direct link) My friend Gaël Musquet, whom you know under the handle RatZillaS and whom I interviewed here last year, has just discovered something amusing in Teslas. By analyzing the 433 MHz radio frames that trigger the opening of the flaps for charging the electric car, he realized … More Tesla
Trend.webp 2017-09-22 16:01:52 EITest Campaign Uses Tech Support Scams to Deliver Coinhive's Monero Miner (direct link) We've uncovered the notorious EITest campaign delivering a JavaScript (JS) cryptocurrency miner (detected by Trend Micro as HKTL_COINMINE) using tech support scams as a social engineering lure. These are fraud activities impersonating legitimate technical support services, conning unwitting victims to avail/pay for these services (or hand out financial data), by scaring them that their machine has been infected with malware, for instance. The EITest campaign's main arsenal is compromised websites. Its activity can be traced to as early as 2014 and once used the Angler exploit kit to deliver ransomware. Starting January 2017, it has eschewed exploit kits in favor of “HoeflerText” (a popular font) phishing attacks or  . In a month, we identified 990 compromised websites injected with a malicious script that diverts the would-be victim to a website related to the tech support scam. Of late, though, the campaign has added the Coinhive JS miner into ongoing attacks, turning the victim's computer into a Monero cryptocurrency miner. Analysis also revealed that this JS cryptocurrency miner is the same “Coinhive” JS miner found embedded in The Pirate Bay's website. Post from: Trendlabs Security Intelligence Blog - by Trend Micro EITest Campaign Uses Tech Support Scams to Deliver Coinhive's Monero Miner Guideline Tesla
SecurityWeek.webp 2017-09-22 15:12:13 NVIDIA Patches Several Flaws in GPU Display Drivers (direct link) NVIDIA has started releasing patches for several denial-of-service (DoS) and privilege escalation vulnerabilities affecting its GeForce, NVS, Quadro and Tesla graphics card drivers. Tesla
no_ico.webp 2017-08-02 06:00:21 Tesla Model X Hacked (direct link) The ISBuzz Post: This Post Tesla Model X Hacked Tesla
SecurityWeek.webp 2017-07-28 18:45:55 Tesla Model X Hacked by Chinese Experts (direct link) Security researchers from China-based tech company Tencent have once again demonstrated that they can remotely hack a Tesla. The vulnerabilities they leveraged were quickly patched by the carmaker. Tesla
bleepingcomputer.webp 2017-07-28 05:35:27 Chinese Researchers Hack Tesla Model X in Impressive Video (direct link) Security researchers from Chinese security firm Tencent Keen Security Lab have found and helped fix several vulnerabilities in Tesla Model X cars that would have allowed an attacker to control the vehicle from a remote location. [...] Tesla
NakedSecurity.webp 2017-07-07 18:03:15 News in brief: fears as online bazaar goes dark; Tesla to build biggest battery; EU move on right to repair (direct link) Your daily round-up of some of the other stories in the news Tesla
MalwarebytesLabs.webp 2017-07-06 17:06:15 The key to old Petya versions has been published by the malware author (direct link) As research concluded, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. As a result of the recent events, Janus released his private key, allowing all the victims of the previous Petya attacks, to get their files back. Categories: Cybercrime Malware NotPetya Tesla
bleepingcomputer.webp 2017-06-21 15:23:04 TeslaWare Plays Russian Roulette with your Files (direct link) I was told about a new ransomware called TeslaWare that is being promoted on a black hat criminal site. After a quick search, I was able to find a sample that was compiled yesterday and I began to dig into it. What did I find? That the marketing poster promoting TeslaWare was more advanced than the ransomware itself. [...] Tesla
ErrataRob.webp 2017-05-12 02:51:43 Some notes on Trump's cybersecurity Executive Order (direct link) President Trump has finally signed an executive order on "cybersecurity". The first draft during his first weeks in power were hilariously ignorant. The current draft, though, is pretty reasonable as such things go. I'm just reading the plain language of the draft as a cybersecurity expert, picking out the bits that interest me. In reality, there's probably all sorts of politics in the background that I'm missing, so I may be wildly off-base. Holding managers accountable: This is a great idea in theory. But government heads are rarely accountable for anything, so it's hard to see if they'll have the nerve to implement this in practice. When the next breach happens, we'll see if anybody gets fired. "antiquated and difficult to defend Information Technology": The government uses laughably old computers sometimes. Forces in government want to upgrade them. This won't work. Instead of replacing old computers, the budget will simply be used to add new computers. The old computers will still stick around. "Legacy" is a problem that money can't solve. Programmers know how to build small things, but not big things. Everything starts out small, then becomes big gradually over time through constant small additions. What you have now is big legacy systems. Attempts to replace a big system with a built-from-scratch big system will fail, because engineers don't know how to build big systems. This will suck down any amount of budget you have with failed multi-million dollar projects. It's not the antiquated systems that are usually the problem, but more modern systems. Antiquated systems can usually be protected by simply sticking a firewall or proxy in front of them. "address immediate unmet budgetary needs necessary to manage risk": Nobody cares about cybersecurity. Instead, it's a thing people exploit in order to increase their budget.
Instead of doing the best security with the budget they have, they insist they can't secure the network without more money. An alternate way to address gaps in cybersecurity is instead to do less. Reduce exposure to the web, provide fewer services, reduce functionality of desktop computers, and so on. Insisting that more money is the only way to address unmet needs is the strategy of the incompetent. Use the NIST framework: Probably the biggest thing in the EO is that it forces everyone to use the NIST cybersecurity framework. The NIST Framework simply documents all the things that organizations commonly do to secure themselves, such as run intrusion-detection systems or impose rules for good passwords. There are two problems with the NIST Framework. The first is that no organization does all the things listed. The second is that many organizations don't do the things well. Password rules are a good example. Organizations typically had bad rules, such as frequent changes and complexity standards. So the NIST Framework documented them. But cybersecurity experts have long opposed those complex rules, so have been fighting NIST on them. Another good example is intrusion-detection. These days, I scan the entire Internet, setting off everyone's intrusion-detection systems. I can see first hand that they are doing intrusion-detection wrong. But the NIST Framework recommends they do it, because many organizations do it, but the NIST Framework doesn't demand they do it well. When this EO forces everyone to follow the NIST Framework, then, it's likely just going to i Guideline Yahoo Tesla
ErrataRob.webp 2017-04-26 00:40:17 "Fast and Furious 8: Fate of the Furious" (lien direct) So "Fast and Furious 8" opened this weekend to world-wide box office totals of $500,000,000. I thought I'd write up some notes on the "hacking" in it. The tl;dr version is this: yes, while the hacking is a bit far fetched, it's actually more realistic than the car chase scenes, such as winning a race with the engine on fire while in reverse.[SPOILERS]Car hackingThe most innovative cyber-thing in the movie is the car hacking. In one scene, the hacker takes control of the cars in a parking structure, and makes them rain on to the street. In another scene, the hacker takes control away from drivers, with some jumping out of their moving cars in fear.How real is this?Well, today, few cars have a mechanical link between the computer and the steering wheel. No amount of hacking will fix the fact that this component is missing.With that said, most new cars have features that make hacking possible. I'm not sure, but I'd guess more than half of new cars have internet connections (via the mobile phone network), cameras (for backing up, but also looking forward for lane departure warnings), braking (for emergencies), and acceleration.In other words, we are getting really close.As this Wikipedia article describes, there are levels for autonomous cars. At level 2 or 3, cars get automated steering, either for parking or for staying in the lane. Level 3 autonomy is especially useful, as it means you can sit back and relax while your car is sitting in a traffic jam. Higher levels of autonomy are still decades away, but most new cars, even the cheapest low end cars, will be level 3 within 5 years. That they make traffic jams bearable makes this an incredibly attractive feature.Thus, while this scene is laughable today, it'll be taken seriously in 10 years. 
People will look back on how smart this movie was at predicting the future. Car hacking, part 2: Quite apart from the abilities of cars, let's talk about the abilities of hackers. The recent ShadowBrokers dump of NSA hacking tools shows that hackers simply don't have a lot of range. Hacking one car is easy -- hacking all different models, makes, and years of cars is far beyond the ability of any hacking group, even the NSA. I mean, a single hack may span more than one car model, and even across more than one manufacturer, because they buy such components from third-party manufacturers. Most cars that have cameras buy them from MobileEye, which was recently acquired by Intel. As I blogged before, both my Parrot drone and Tesla car have the same WiFi stack, and both could be potentially hacked with the same vulnerability. So hacking many cars at once isn't totally out of the question. It's just that hacking all the different cars in a garage is completely implausible. God's Eye: The plot of the last two movies has been about the "God's Eye", a device that hacks into every camera and satellite to view everything going on in the world. First of all, all hacking is software. The idea of stealing a hardware device in order to enable hacking is therefore (almost) always fiction. There's one corner case where a quantum chip fact Tesla
NetworkWorld.webp 2017-03-06 12:06:45 Consumer Reports to grade tech products on security, privacy (direct link) Consumer Reports, a major source for gadget and appliance reviews in the U.S., plans to start rating products on data security and privacy. On Monday, the non-profit publication unveiled a set of new testing standards it hopes will push the tech industry to create safer products. "The goal is to help consumers understand which digital products do the most to protect their privacy and security, and give them the most control over their personal data," the publication said. Already, cybersecurity experts are constantly finding new tech products, whether they be cars or smart teddy bears, that are often poorly secured and easy to hack. Tesla
Trend.webp 2017-02-06 10:37:34 Lurk: Retracing the Group's Five-Year Campaign (direct link) Fileless infections are exactly what their namesake says: they're infections that don't involve malicious files being downloaded or written to the system's disk. While fileless infections are not necessarily new or rare, they present a serious threat to enterprises and end users given their capability to gain privileges and persist in the system of interest to an attacker, all while staying under the radar. For instance, fileless infections have been incorporated in a targeted bot delivery, leveraged to deliver ransomware, infect point-of-sale (PoS) systems, and perpetrate click fraud. The key point of the fileless infection for the attacker is to be able to evaluate each compromised system and make a decision whether the infection process should continue or vanish without a trace. The cybercriminal group Lurk was one of the first to effectively employ fileless infection techniques in large-scale attacks, techniques that arguably became staples for other malefactors. Post from: Trendlabs Security Intelligence Blog - by Trend Micro Guideline Tesla
NetworkWorld.webp 2016-12-01 13:06:11 Major cybercrime network Avalanche dismantled in global takedown (direct link) Law enforcement agencies have dismantled a major cybercriminal network responsible for malware-based attacks that have been harassing victims across the globe for years. The network, called Avalanche, operated as many as 500,000 infected computers on a daily basis and was responsible for delivering malware through phishing email attacks. Avalanche has been active since at least 2009, but on Thursday, authorities in the U.S. and Europe announced they had arrested five suspects allegedly involved with it. Avalanche has been found distributing more than 20 different malware families including GozNym, a banking Trojan designed to steal user credentials, and Teslacrypt, a notorious ransomware. Europol estimated the network has caused hundreds of millions of dollars in damages across the world. Tesla
MalwarebytesLabs.webp 2016-11-28 23:30:21 A week in security (Nov 20 – Nov 26) (direct link) A compilation of notable security news and blog posts from the 20th of November to the 26th. This week, we talked about PrincessLocker, ransomware decryptors, malvertising on the Mac, and the Windows Firewall. Categories: Security world, Week in security Tesla
NetworkWorld.webp 2016-11-28 09:07:00 Researchers exploit app flaw and steal a Tesla Model S (direct link) In September, Chinese researchers from Keen Security Lab showed how a Tesla Model S could be remotely hacked while it was being driven. The hack demonstrated by Promon, a Norwegian security company, provided “additional functionality” for cyber thugs to control the vehicle, including enabling “keyless driving functionality,” which could allow a crook to drive away with a Tesla without having a key fob present. Tesla
Last update at: 2024-05-10 21:08:13