A savvy car thief could drive off with a Tesla Model S by using just a few, relatively inexpensive pieces of computing hardware and some radios — at least, the thief could have until recently, when Tesla fixed an overlooked vulnerability in its cars’ security systems.
The Kaspersky Lab Global Research and Analysis Team (GReAT) has discovered several infections from a previously unknown Trojan, which is most likely related to the infamous Chinese-speaking threat actor – LuckyMouse. The most peculiar trait of this malware is its hand-picked driver, signed with a legitimate digital certificate, which has been issued by a company developing information security-related software.
A concentrated spam campaign pushing ransomware is targeting businesses in Europe, encrypting files and demanding victims pay a ransom in order to retrieve them.
More than 5,000 people have been affected by the data breach at Cork City’s Park by Phone service, it emerged last night.
Users of the Mega.nz file hosting and sharing service were targeted through a supply chain attack in which hackers replaced the company’s official Chrome extension with a malicious version. The attack happened Sept. 4 at 14:30 UTC (10:30 a.m. EST), when MEGA’s Chrome extension was updated to version 3.39.4 on the Google Chrome Web Store. The update was not pushed by MEGA itself, but by hackers, and the new version contained code designed to steal people’s login credentials on various websites, including amazon.com, live.com, github.com, google.com, myetherwallet.com, mymonero.com and idex.market.
