What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-07-17 03:33:03 | Cracked Tesla 3 Windshield Leads to $10,000 Bug Bounty (lien direct) | Tesla paid a large bug bounty for a cross-site scripting (XSS) vulnerability in one of its backend apps that allowed gleaning vital statistics about a vehicle. [...] | Vulnerability | Tesla | |
 |
2019-04-02 11:55:05 | Hackers reveal how to trick a Tesla into steering towards oncoming traffic (lien direct) | A root vulnerability and a few stickers were all it took. | Vulnerability | Tesla | |
 |
2019-03-25 15:47:01 | Two white hats hack a Tesla, get to keep it (lien direct) | >The electric automaker is working to release a fix for the underlying vulnerability in a matter of days | Hack Vulnerability | Tesla | |
 |
2018-09-13 13:30:01 | Tesla\'s Remote Fix For Its Model S Key Fob Vulnerability Is A Positive Sign For The Auto Industry (lien direct) | Tesla Model S key fob system is vulnerable to spoofing attacks, Craig Smith, Rapid7's research director of transportation security, commented below on this report. According to reports, researchers identified a flaw which would allow attackers to steal a Tesla simply by walking past the owner and cloning his/her key. The malicious actor would have to first identify the … The ISBuzz Post: This Post Tesla’s Remote Fix For Its Model S Key Fob Vulnerability Is A Positive Sign For The Auto Industry | Vulnerability | Tesla | |
 |
2018-09-11 11:30:03 | A group of researchers showed how a Tesla Model S can be hacked and stolen in seconds using only $600 worth of equipment (lien direct) | A savvy car thief could drive off with a Tesla Model S by using just a few, relatively inexpensive pieces of computing hardware and some radios - at least, the thief could have until recently, when Tesla fixed an overlooked vulnerability in its cars’ security systems. View full story ORIGINAL SOURCE: Business Insider | Vulnerability | Tesla | |
 |
2018-06-22 13:00:00 | Things I Hearted this Week, 22nd June 2018 (lien direct) |
The Tesla Insider
Elon Musk sent out an email stating an employee had stabbed the company in the back like Brutus, changing production code, and leaking inside information. I'll admit that like many people who have talked about or written about insider threats in the past, I instinctively punched the air and yelled, "YES! I warned you but you didn't listen."
The incident is also notable for the impact it had on the company's share price which dropped more than 6% in trading.
"I was dismayed to learn this weekend about a Tesla employee who had conducted quite extensive and damaging sabotage to our operations, this included making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties."
Insider threats defined | AlienVault
Tesla hit by insider saboteur who changed code, exfiltrated data | SC Magazine
Tesla sinks after Elon Musk says an employee conducted 'sabotage' and Trump ramps up fears of a trade war (TSLA) | Business Insider
Can't Fix Won't Fix, Don't Fix
Organisations cannot afford to view penetration testing as a tick box exercise. How should they mitigate the fact some vulnerabilities can’t be fixed, won’t be fixed, and in some instances, actually shouldn’t be fixed?
Can’t fix, won’t fix, don’t fix: Is it time for businesses to rethink how they action pen test results?| IT Pro Portal
On the topic of pen tests, check out Adrian Sanabria's presentation slides from RSA earlier this year on killing the pen test.
It's time to kill the pen test (PDF) | RSAconference
To add balance, and to convince you pen testers out there that I'm not a bad person who hates all pen testers, here's an awesome collection of penetration testing resources that include tools, online resources, books, courses, conferences, magazine...
Awesome Penetration Testing | Kinimiwar, GitHub
A Case Study In Bad Disclosure
Imagine you're a researcher and have found a vulnerability, you then disclose it responsibly to a vendor, then that vendor fixes the issue - but instead of sending the chopper over to you with a care package, they pretend like you didn't exist. Akin to Tom Cruise getting disavowed in every single Mission Impossible movie.
Then imagine that vendor submitted the vulnerability details to Google and received a bug bounty award to the tune of $5,000.
Then to top it off, they sat back in a massive reclining chair, threw their head back and laughed as they donated the full $5,000 to a good cause.
|
Hack Vulnerability Guideline | Bithumb Tesla Tesla |
1
We have: 6 articles.
We have: 6 articles.
To see everything:
Our RSS (filtrered)
