Security News

The billionaire behind Trump's 'unhackable' phone is on a mission to fight Tesla's FSD
2024-10-21 19:30

Dan O'Dowd tells El Reg about the OS secrets and ongoing clash with Musk Interview This month, presidential hopeful Donald Trump got a tool in his arsenal, some allegedly "unhackable"...

Tesla, Intel, deny they're the foreign company China just accused of making maps that threaten national security
2024-10-21 05:33

As TSMC defends itself against report it may have helped Huawei Tesla has denied it was involved in illegal-map making activities in China after Beijing asserted an unnamed foreign firm working on...

Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware
2024-07-30 11:06

Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT. Some of the other regions targeted by the campaigns include Italy and Romania, according to cybersecurity firm ESET. "Attackers used previously compromised email accounts and company servers, not only to spread malicious emails but also to host malware and collect stolen data," ESET researcher Jakub Kaloč said in a report published today. These campaigns, spread across nine waves, are notable for the use of a malware loader called DBatLoader to deliver the final payloads.

Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver
2024-03-21 07:07

On the first day of Pwn2Own Vancouver 2024, contestants demoed Windows 11, Tesla, and Ubuntu Linux zero-day vulnerabilities and exploit chains to win $732,500 and a Tesla Model 3 car. Synacktiv won the Tesla Model 3 and $200,000 after hacking the Tesla ECU with Vehicle CAN BUS Control in under 30 seconds using an integer overflow.

MiTM phishing attack can let attackers unlock and steal a Tesla
2024-03-07 17:07

Researchers demonstrated how they could conduct a Man-in-the-Middle phishing attack to compromise Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.

Flipper Zero WiFi phishing attack can unlock and steal Tesla cars
2024-03-07 17:07

An easy phishing attack using a Flipper Zero device can lead to compromising Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.

Flipper Zero WiFi attack can unlock and steal Tesla cars
2024-03-07 17:07

An easy phishing attack using a Flipper Zero device can lead to compromising Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.

Tesla hacks make big bank at Pwn2Own's first automotive-focused event
2024-01-29 01:29

Five $60,000 bounties - the second-highest monetary awards behind Synacktiv's $100k Tesla hacks - were awarded for attacks on EV chargers manufactured by Emporia, ChargePoint, Ubiquiti, Phoenix and JuiceBox. Three attacks against Automotive Grade Linux were also attempted, with only one succeeding.

Pwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice
2024-01-26 12:32

The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demoing 49 zero-day bugs in multiple electric car systems between January 24 and January 26.After a zero-day vulnerability is exploited and reported to vendors during Pwn2Own, they have 90 days to release security patches before Trend Micro's Zero Day Initiative discloses it publicly.

Tesla hacked again, 24 more zero-days exploited at Pwn2Own Tokyo
2024-01-25 15:49

Security researchers hacked the Tesla infotainment system and demoed 24 more zero-days on the second day of the Pwn2Own Automotive 2024 hacking competition. On the first day of Pwn2Own Automotive 2024, Synacktiv also collected another $295,000 after getting root on a Tesla Modem and hacking Ubiquiti Connect EV and JuiceBox 40 Smart EV Charging Stations using three chains, exploiting a total of seven zero-days.