Security News

Oil and Gas Firms Targeted With Agent Tesla Spyware
2020-04-21 13:59

Attackers are targeting energy companies with the Agent Tesla spyware, as seen in recent spearphishing emails with malicious attachments. The emails leverage the tumultuous nature of today's oil and gas markets, which have been under tremendous stress in recent weeks, as the global COVID-19 pandemic lowered oil demand.

Vulnerability Exposed Tesla Central Touchscreen to DoS Attacks
2020-03-23 16:34

Hackers could have caused a Tesla Model 3's central touchscreen to become unusable simply by getting the targeted user to visit a specially crafted website. A researcher who uses the online moniker Nullze discovered that the Tesla Model 3's web interface is affected by a denial-of-service vulnerability.

DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla
2020-03-03 11:56

A company that provides custom parts to aerospace giants Lockheed Martin, SpaceX and Boeing, has been the target of an attack by an emerging type of ransomware that can both encrypt files and exfiltrate data. Attackers also tweeted in an account using the name "DoppelPaymer" that more files were on the way, alerting researchers that attackers likely used the DoppelPaymer ransomware in the attack, according to reports.

Nvidia patches severe flaws affecting GeForce, Quadro NVS and Tesla
2020-03-03 11:09

This is in the Windows GPU Display Driver control panel for the GeForce, Quadro NVS, and Tesla products leading to a corrupt system file and escalation of privileges or denial of service. A second control panel flaw affecting the same products is CVE‑2020‑5958, which might allow the planting of a malicious DLL file with the same results as above along with information disclosure.

DoppelPaymer Ransomware Slams Supplier to Boeing and Tesla
2020-03-03 10:48

DoppelPaymer has set up a public website with files from companies it claims it has compromised but have not paid a ransom, and it now lists Visser on that site, together with excerpts of allegedly stolen data. In an effort to exert even more pressure on victims to pay, in part by trying to name and shame them in public, some ransomware groups are upping the ante by stealing data before they forcibly encrypt everything.

Tesla Autopilot Duped By ‘Phantom’ Images
2020-02-03 19:45

The Mobileye 630 PRO and Tesla's HW 2.5 autopilot system, which comes embedded in the Tesla Model X. On the scale of level 0 to level 5, these two systems are considered "Level 2" automation. In one instance, researchers showed how they were able to cause the Tesla Model X to brake suddenly due to a phantom image, perceived as a person, projected in front of the car.

Pwn2Own 2020: Researchers Again Invited to Hack Tesla
2020-01-10 13:06

Trend Micro's Zero Day Initiative on Thursday announced the targets and prizes for the 2020 Pwn2Own competition, which is set to take place on March 18-20 in Vancouver at the CanSecWest conference. Pwn2Own 2019 introduced the automotive category and participants were invited to hack a Tesla Model 3.

Modifying a Tesla to Become a Surveillance Platform
2019-08-22 10:21

From DefCon: At the Defcon hacker conference today, security researcher Truman Kain debuted what he calls the Surveillance Detection Scout. The DIY computer fits into the middle console of a Tesla...

Tesla Vulnerability: A Bounty Hunter's Tale
2019-07-19 07:33

The latest edition of the ISMG Security Report describes the accidental discovery of a Tesla software vulnerability. Also featured: an analysis of the latest ransomware trends and insights from...

How a Big Rock Revealed a Tesla XSS Vulnerability
2019-07-16 16:18

Bug Hunter Sam Curry's Find Left Tesla Slightly Red FacedSoftware vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam...