A Teen Took Control of Teslas by Hacking a Third-Party App

/in


On Friday, Russia did the previously unimaginable: It actually arrested a bunch of ransomware operators. Not only that, but members of the notorious group REvil, which has been behind some of the biggest attacks of the last several years, including IT management firm Kaseya and meat giant JBS. Russian president Vladimir Putin had previously given ransomware hackers a free pass. It’s not clear yet whether this was a calculated political move, a sign of a broader crackdown, or both, but it’s certainly a watershed moment.

As everyone scrambles to find Log4j in their systems—no easy task for even well-resourced companies—the FTC has set strict deadlines for patching the very bad, no good vulnerability in the ubiquitous logging library. It’ll be unlikely if not impossible for everyone to find it in time, which speaks more to the fragile and opaque nature of the open source software world than the FTC’s aggressive timeline.

Telecoms around the world have pushed back against Apple’s Private Relay, a not-quite-VPN that bounces your traffic through a couple of servers to give you extra anonymity. T-Mobile in the US recently blocked it for customers who had parental control filters. It’s unclear why they’ve taken those measures against Apple and not the many, many VPNs that work unfettered, but it may have to do with the potential scale of Apple customers who could sign up for the service.

In other Apple privacy news, iOS 15 brought with it a new report that shows you what sensors your apps are accessing and what domains they’re contacting. It’s a lot of information all at once; we helped break down how to read it

North Korean hackers had a “banner year” in 2021, stealing nearly $400 million of cryptocurrency. And while Israeli spyware vendor NSO Group insists that it has controls in place to prevent abuses of its product, dozens of journalists and activists in El Salvador had their devices infected with Pegasus, NSO’s signature product, as recently as November.  

And that’s not all! Each week we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories.

A 19-year-old security researcher named David Colombo detailed this week how he…

Source…