Tag Archive for: Find

Tesla Hackers Find ‘Unpatchable’ Jailbreak to Unlock Paid Features for Free



A security researcher along with three PhD students from Germany has reportedly found a way to exploit Tesla’s current AMD-based cars to develop what could be the world’s first persistent “Tesla Jailbreak.”

The team published a briefing ahead of their presentation at next week’s Black Hat 2023. There, they will present a working version of an attack against Tesla’s latest AMD-based media control unit (MCU). According to the researchers, the jailbreak uses an already-known hardware exploit against a component in the MCU, which ultimately enables access to critical systems that control in-car purchases, and perhaps even makes it possible to trick the car into thinking these purchases are already paid for.


“Tesla has been known for their advanced and well-integrated car computers, from serving mundane entertainment purposes to fully autonomous driving capabilities,” wrote the researchers in the briefing. “More recently, Tesla has started using this well-established platform to enable in-car purchases, not only for additional connectivity features but even for analog features like faster acceleration or rear heated seats. As a result, hacking the embedded car computer could allow users to unlock these features without paying.”

Separately, the attack will allow researchers to extract a vehicle-specific cryptography key that is used to authenticate and authorize a vehicle within Tesla’s service network.

According to the researchers, the attack is unpatchable on current cars, meaning that no matter what software updates are pushed out by Tesla, attackers—or perhaps even DIY hackers in the future—can run arbitrary code on Tesla vehicles as long as they have physical access to the car. Specifically, the attack is unpatchable because it’s not an attack directly on a Tesla-made component, but rather against the embedded AMD Secure Processor (ASP) which lives inside of the MCU.

The specifics of this attack are unclear, at least until next week’s talk, but researchers say that they use “low-cost, off-the-shelf hardware” to accomplish it. This attack is complicated, but using a previous presentation at Black Hat 2022 given in part by Niklas Jacob…


Cyberattacks on hospitals ‘should be considered a regional disaster,’ researchers find : NPR


Cyberattacks on hospitals “should be considered a regional disaster,” a study finds.


It was early May in 2021 when patients flooded the emergency room at the University of California San Diego Health Center.

“We were bringing in backup staff, our wait times had gone haywire, the whole system was overloaded,” said Dr. Christopher Longhurst, UC San Diego’s chief medical officer and digital officer. “We felt it.”

But the crunch wasn’t the result of a massive accident or the latest wave of patients infected by a new coronavirus variant. The influx was the direct result of a ransomware attack, a costly and unfortunately now common form of cybercrime in which hackers lock down their victims’ files and demand a ransom, often millions of dollars, to unlock them.

In reality, UC San Diego wasn’t the target. Their systems were intact. Instead, hackers had breached the hospital down the street, Scripps Health. The culprits not only took over the hospital’s digital records system and its entire computer network, but stole millions of patients’ confidential data. Scripps struggled for weeks to get back online, and is still dealing with the aftermath, having paid $3.5 million in a legal settlement earlier this year with patients whose data was exposed.


Previously, there’s been very little concrete data or analysis breaking down the direct impacts of a cyberattack on a hospital, let alone an entire region of healthcare providers. Most evidence of harm, including deaths, remains anecdotal and has been the subject of lawsuits, including one…


Ransomware attacks increased 91% in March, as threat actors find new vulnerabilities


Ransomware attacks skyrocketed last month according to the new monthly cybersecurity report by NCC Group. New threat group Cl0p is behind the increase as it exploited vulnerabilities in GoAnywhere file transfer manager.


Ransomware attacks have spiked, according to the NCC Group’s Global Threat Intelligence Team. In its monthly threat report, NCC Group reported a 91% increase in ransomware attacks in March versus February and a 62% increase versus the same month last year — the highest number of monthly ransomware attacks the group has ever measured (Figure A).

Figure A: Ransomware attacks, 2023 versus 2022. Image: NCC Group.

Ransomware-as-a-Service provider Cl0p, the most active threat actor, accounted for 28% of all March victims. NCC Group said it is also the first time Cl0p has been the top RaaS for cybercriminal groups.

Cl0p, a Russian-linked entity specializing in double extortion, exfiltrates data and then threatens to release it if ransom isn’t forthcoming. The hacking group has been around since 2019, when it successfully attacked major companies like Hitachi, Shell and several other enterprises.

LockBit 3.0 came in second, accounting for 21% of attacks. NCC Group said March 2023 was the second month since September 2021 in which LockBit had not been the top ransomware threat actor. The group’s victims declined 25% from February, per NCC.


The non-aligned attack group Royal, which appeared in September last year targeting the healthcare sector, was the third most active attacker with a 106% increase in attacks in March versus February (Figure B).

Figure B: Top threat actors in March 2023. Image: NCC Group.

Cl0p exploited GoAnywhere MFT vulnerability to attack organizations

NCC Group said the increase in attacks by Cl0p reflected its exploitation of a vulnerability in Fortra’s GoAnywhere managed file transfer, which is used by thousands of organizations around the world, causing large-scale disruption.

As reported, Fortra found the zero-day vulnerability in January and told only its authenticated users, but it was not assigned a CVE ID on Mitre or patched…


Is Your Email Safe From Potential Hackers? Here’s How To Find Out



If you think about how many emails you send and receive every day, you may be shocked to learn that a big chunk of your daily life revolves around email. Given its importance, you’ll want to protect your email account and keep it as safe from hackers as possible. “As we all know, keeping our personal information and online accounts secure is more important than ever,” says Tech Expert Jessica Shee, manager at tech company iBoysoft. “With so much of our daily lives happening over email, it’s crucial to know how to tell if your email is safe from hackers and what steps you can take to keep it that way.”

Shee outlines a few major ways you can check whether your email has already been hacked — and some preventative steps you can take to make sure your account is as secure, private, and safe from prying eyes as possible. 

Check If Your Email Is Currently Secure

Is your email account secure at the moment? There are a few ways to check. 

“One easy way is to look for the ‘https’ in the website address or a padlock icon in your browser when you log in to your email,” Shee said. “This indicates that your connection is encrypted and secure. You can also check your account settings to make sure you have two-factor authentication enabled. This adds an extra layer of security by requiring a code to be sent to your phone or another device in addition to your password.”

Another thing Shee suggests doing is regularly checking your sent items and trash folders for emails that you didn’t send. “This can indicate your account has been compromised and you should change your password immediately,” Shee said. 

Preventative Measures 

Even if everything looks solid and secure in your email account today, it’s not a bad idea to take preventative measures that can help keep future hacking attempts at bay. 

“First and foremost, use a strong and unique password for your email account,” Shee said. “Avoid using personal information such as your name, birthdate, or address, and mix letters, numbers, and symbols to make it harder for hackers to crack. Another good practice is to be cautious when opening email from unknown senders,…
