Top 7 Cybersecurity Stories This Week
Largest DDoS attack EVER hits KrebsOnSecurity Blog
The biggest DDoS attacks ever seen has been aimed at security blogger, Brian Krebs, after he exposed hackers who carry out such attacks for cash. At its peak, the attack aimed 620 gigabits of data a second at the site. Text found in attack data packets suggested it was mounted to protest against Krebs' work to uncover who was behind a prolific DDoS attack. Read more.
Tesla patches remote takeover bug in Model S
Tesla moved quickly to patch a vulnerability discovered by Tencent security research team Keen Security Lab. The vulnerability allowed someone to remotely gain control of the vehicle to trigger things including the turn signal, the sun roof, the seat position and unlock the doors while the vehicle is parked so long as the car was making use of its in-car web browser and was physically close to and connected with a maliciously modified Wi-Fi hotspot. Read more.
U.S. government green-lights guidelines for self-driving cars
The U.S. department of transportation issued a series of guidelines regarding autonomous vehicles last night. The guidelines include a 15-point safety assessment for vehicles for different categories, which include crashworthiness, privacy, vehicle cybersecurity, ethical considerations and how a vehicle sees the road. The benchmarks are currently left open ended to leave room for innovation with this new technology. Read more.
North Korea accidentally lets world access all 28 of its websites
A misconfiguration in the name server for North Korean websites allowed researcher Matthew Bryant to access the domain names for all websites registered to a “.kp” website. On North Korea's own 28 sites, users were able to find information on travel and flight booking, cooking, culture, news, a university, spirituality, and art and film. Read more.
2016 On Track To See Over 1 Billion Records Breached
According to the Breach Level Index (BLI) sponsored by Gemalto, there have been 554,454,942 records breached in in 974 publicly reported incidents over the first half of 2016, which is on pace to a 56 percent increase in breaches from last year. Read more.
San Bernardino iPhone Hack: Media Agencies Sue FBI For Vendor Details
Media companies Associated Press, Gannett Co. and Vice Media LLC have sued the FBI asking it to disclose the vendor behind the unlocking of the iPhone in the San Bernardino case and the amount of the payment made.The case was filed under the U.S. Freedom of Information Act, citing no legal basis to withhold the information. Earlier requests to reveal the secret deal were turned down by the government agency. Read more.
iPhone passcode bypassed with NAND mirroring attack
A Cambridge University computer scientist, Sergei Skorobogatov, demonstrated a hacking technique capable of cracking iPhone passcode security. Skorobogatov used a technique called NAND mirroring and $100 worth of computer parts, which allows the hacker to clone the flash memory chip for multiple attempts at cracking the passcode. Read more.