A teenager took control of Teslas by breaking a third-party app

A teenager took control of Teslas by breaking a third party

On Friday, Russia did the unbelievable thing before: he arrested a number of ransomware operators. Not only that, but members of the well-known group REvil, which has been behind some of the biggest attacks in the last several years, include the IT management company Kaseya and meat giant JBS. Russian President Vladimir Putin had issued a free pass to ransomware hackers. It is not yet clear whether this was a responsible political movement, a sign of a wider crackdown, or both, but it is certainly a unique moment.

As everyone scrambles to find Log4j in their systems - it's no easy task for even well - resourced companies - the FTC has set tight deadlines for keeping track of out the real bad, or good vulnerability in the ubiquitous log library. It will be unlikely if not impossible for everyone to find in time, which speaks more to the fragile and obscure nature of the open source software world of the aggressive timeline. FTC.

Worldwide telecommunications has pushed back against Apple's Private Relay, a non - virtual VPN that kicks your traffic through two servers to make you even more anonymous. T-Mobile in the U.S. recently blocked it for customers who had parental control filters. It's not clear why they have taken these steps against Apple and not the many, many VPNs that operate unhindered, but that could be related to the level of customers Apple that could sign up for the service.

In other privacy news from Apple, iOS 15 introduced a new report that shows you what sensors your apps are receiving and what areas they're communicating with. There is much knowledge altogether; we helped break it down as we read it.

North Korean hackers had a "flagship year" in 2022, stealing nearly $ 400 million worth of digital money. And while Israeli spyware dealer NSO Group maintains they have controls in place to prevent the misuse of their product, dozens of journalists and activists in El Salvador have been on the capture their devices with Pegasus, NSO's signature product, as far back as November.

And that's not all! Each week we collect all the security news that WIRED did not cover in depth. Click on the headlines to read the full stories.

19-year-old security researcher David Colombo explained this week how to remotely unlock doors, open windows, blow up music, and start driving without key for dozens of Teslas. The vulnerabilities he used to do so are not in Tesla's own software, but in a third-party app. There are some limits to what Colombo could accomplish; he could do nothing of steering, or speeding, or slowing down. But he was able to gather a lot of sensitive data about the vehicles he was affected by. Cars are now computers, perhaps larger than Teslas, which means that they come with computer problems such as third - party software that is causing major problems.

READ  Hot Contract: Get 20% off temperature control Ember Smart Mug 2

As tensions rise on the border between Russia and Ukraine, more than 70 official Ukrainian government websites have been hacked this week, suggesting that for people to “prepare for the worst”. While it is a shame to accept that it was the work of the Russian government, this is not a particularly solemn hack despite its widespread impact and visibility. (That is not to say either it was not Russia; it's just impossible to know right now.) The White House also warned this week that Russia was plotting a "false flag" to justify an attack, so there may be more to come. here.

The US has not adopted Covid-19 communication tracking apps despite the core functionality being built into all iOS and Android phones. Other countries, however, have embraced it much more widely. That includes Germany, where police recently used data from Luca's contact tracking app to find out who had been at a particular restaurant on a particular November night. , and used that information to identify 21 witnesses. Law enforcers have said they will no longer use that data after a public uprising. But the incident represents just the kind of worst-case scenario that privacy advocates have warned about, at a time when public confidence in finding communications is more important than ever.

The developer behind two widely used open source libraries broke his own code this week, disrupting thousands of projects in the process. The changes resulted in applications printing zero messages in an infinite loop. The developer seemed motivated to report big companies benefiting from his work for free, but in the process he made a very miserable life for customers of all stripes.


More Great WIRED Stories

Related Posts

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Subir

We use cookies to ensure that we give the best user experience on our website. If you continue to use this site we will assume that you agree. More information