Flipper Zero attacks Teslas, Google engineer indicted, PetSmart attack warning
Flipper Zero WiFi attack can unlock and steal Tesla cars
The versatile device has found a new skillset which includes compromising Tesla accounts, unlocking the cars and even starting them. This is according to two security researchers, Talal Haj Bakry and Tommy Mysk, who reported the vulnerability to Tesla. The trick is to deploy a “Tesla Guest,” spoofed WiFi network, a name commonly found at charging stations. Once on this network, victims arrive at a fake Tesla login page and are asked to log in using Tesla account credentials, which attackers can see on the Flipper Zero in real time. For its part, representatives of Tesla have determined the researchers’ report to be “out of scope.”
Former Google engineer indicted for stealing AI secrets for Chinese companies
38-year-old Chinese national Linwei Ding was charged on Tuesday by a federal jury in San Francisco with four counts of theft of trade secrets. According to the indictment, quoted by Reuters, “Ding stole detailed information about the hardware infrastructure and software platform that lets Google’s supercomputing data centers train large AI models through machine learning.” Ding allegedly began his thefts in 2022 while being approached to become chief technology officer for an early-stage Chinese tech company. By May 2023, the indictment says, he had uploaded more than 500 confidential files. He faces up to 10 years in prison and a $250,000 fine on each criminal count.
(Reuters)
PetSmart warns customers of credential stuffing attack
The largest retailer chain for pet products in the U.S. is telling some customers that their passwords have been reset following an ongoing credential stuffing attack. The email alert states that PetSmart reset passwords for accounts that were logged in during the time of the attacks since they could not determine if the logged-in user was the account owner or the hackers. It adds there is no indication that petsmart.com or any of its systems had been compromised.
Canadian city says ransomware attack recovery timeline unknown
The City of Hamilton, Ontario, a city of 600,000 located essentially halfway between Toronto and Buffalo New York continues to dig out from under a ransomware attack that was discovered on February 25. Infrastructure services such as water and wastewater treatment, waste collection, and transit are operational, but everything that needs digital transactions for payments including taxes and fines must now be done in cash. Municipal government services, including child-care and libraries are dealing with website and phone problems. City representatives do not have a timeline for full recovery, and no ransomware group has yet taken credit for the attack.
领英推荐
(The Record)?
Huge thanks to this week’s episode sponsor, Conveyor
Thieves use Wi-Fi jammers to break into people’s homes
Burglars are using WiFi jammers to disarm home surveillance cameras and alarms that many people choose to buy cheap on marketplaces like Amazon. Despite being illegal to use in the U.S., they have proven to be an inexpensive and effective way to overwhelm many WiFi connected devices. The Los Angeles Police Department recommends residents use hard-wired security systems instead.
Threat actors using Facebook messages to spread Snake information stealer
Researchers at Cybereason state that the infostealer is based on Python and seeks to pull credentials from an infected system and transmit them to platforms including Discord, GitHub, and Telegram. The procedure is initiated by sending Facebook messenger direct messages to the victims to get them to download RAR or ZIP files. Certain phraseology and tools used within the campaign, suggest that it belongs to Vietnamese speaking individuals.??
New Linux malware campaign targets range of misconfigured instances
This new campaign targets misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. According to researchers from Cado Security, the threat actors are using “previously undetected payloads, including four Golang binaries used to automate the discovery and infection of hosts running the above services.” It appears the attackers are using this campaign to drop and execute a cryptocurrency miner.