Reading Time: ~ 2 min.
Multiple Tesla Models Vulnerable to GPS Attacks
Though it’s not the only manufacturer to offer GPS
navigation in their vehicles, Tesla has once again suffered an attack on
their GPS autopilot features. These attacks were able to trick the car into
thinking it had arrived at an off-ramp more than two miles early, causing it to
start to merge and eventually turn off the road entirely, even with a driver
attempting to stop the action. Using off-the-shelf products, the test
conductors were able to gain control of Tesla’s GPS in less than a minute.
Oregon DHS Successfully Phished
The personally identifiable information for at least 645,000
Oregon
Department of Human Services (DHS) patients was illicitly accessed after a
successful phishing attack on nine DHS employees. The attack allowed the
hackers to obtain 2 million emails from the accounts, which contained
everything from names and birthdates to social security numbers and
confidential health information. Fortunately, the DHS issued a password reset
shortly after the initial breach that stopped the attackers from getting any
further and began contacting potential victims of the attack.
IP and Computer Blacklisting in New Ryuk Variant
The latest variant of the Ryuk
ransomware includes an IP blacklist and a computer name check prior to
beginning encryption. The IPs and computer name strings were likely implemented
to stop any encryption of Russian computer systems. After these checks, the
ransomware continues as normal using .RYK as the appended file extension and a
ransom note that points victims to make payments to one of two proton mail
accounts.
EatStreet Ordering Services Breached
A data breach is affecting the food ordering service EatStreet
and possibly all of its 15,000 partnered restaurants. Payment card information
for millions of customers using the app, along with some banking information
for the 15,000 business partners, is believed to have been compromised in the
breach. Though EatStreet quickly began improving their security and
implementing multi-factor authentication following the breach, the damage was
already done.
Fake System Cleaners on the Rise
While phony
system cleaner apps have been common for many years, a recent study shows
that user numbers for these apps has doubled from the same time last year to
nearly 1.5 million. These apps often appear innocent and helpful at the outset,
while others have begun taking an outright malicious approach. To make matters
worse, these apps are commonly installed to fix the very issues they later
create by slowing the computer down and causing annoying popups.
The post Cyber News Rundown: GPS Vulnerabilities in Tesla Vehicles appeared first on Webroot Blog.