Reading Time: ~ 2 min.

Multiple Tesla Models Vulnerable to GPS Attacks

Though it’s not the only manufacturer to offer GPS navigation in their vehicles, Tesla has once again suffered an attack on their GPS autopilot features. These attacks were able to trick the car into thinking it had arrived at an off-ramp more than two miles early, causing it to start to merge and eventually turn off the road entirely, even with a driver attempting to stop the action. Using off-the-shelf products, the test conductors were able to gain control of Tesla’s GPS in less than a minute.

Oregon DHS Successfully Phished

The personally identifiable information for at least 645,000 Oregon Department of Human Services (DHS) patients was illicitly accessed after a successful phishing attack on nine DHS employees. The attack allowed the hackers to obtain 2 million emails from the accounts, which contained everything from names and birthdates to social security numbers and confidential health information. Fortunately, the DHS issued a password reset shortly after the initial breach that stopped the attackers from getting any further and began contacting potential victims of the attack.

IP and Computer Blacklisting in New Ryuk Variant

The latest variant of the Ryuk ransomware includes an IP blacklist and a computer name check prior to beginning encryption. The IPs and computer name strings were likely implemented to stop any encryption of Russian computer systems. After these checks, the ransomware continues as normal using .RYK as the appended file extension and a ransom note that points victims to make payments to one of two proton mail accounts.

EatStreet Ordering Services Breached

A data breach is affecting the food ordering service EatStreet and possibly all of its 15,000 partnered restaurants. Payment card information for millions of customers using the app, along with some banking information for the 15,000 business partners, is believed to have been compromised in the breach. Though EatStreet quickly began improving their security and implementing multi-factor authentication following the breach, the damage was already done.

Fake System Cleaners on the Rise

While phony system cleaner apps have been common for many years, a recent study shows that user numbers for these apps has doubled from the same time last year to nearly 1.5 million. These apps often appear innocent and helpful at the outset, while others have begun taking an outright malicious approach. To make matters worse, these apps are commonly installed to fix the very issues they later create by slowing the computer down and causing annoying popups. 

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This