News & Events

New Malware that Attacks Android Devices, Hackers Steal a Tesla in 30 Seconds and Much More: The Top News in Product Security for This Past Week

Karamba Security | August 30th, 2019
random shapes

A look at some of the top stories from this past week in the world of automotive, IoT, Industry 4.0, and Enterprise Edge product cybersecurity.

New Mirai-like Malware ‘Ares’ Attacks Android Set-top Boxes (Zdnet)

android

Ares searches for Android devices with open ADB ports and then infects the device, causing it to then seek out new vulnerable Android devices. Ares can also target devices running Telnet services, Linux-based servers, and smart devices. The initial main targets included HiSilicon, Cubetek, and QezyMedia. Read the full technical report here.

Flaw in Open-Source Hardware Virtualization Package QEMU Allows Virtual Machine Escapes and Arbitrary Code Attacks (TechRepublic)

code

The vulnerability (CVE-2019-14378) allows attackers to break out of their guest OS and attack the host OS that QEMU runs on.

Day One Attacks on Enterprise Networks: Hackers Have Pulse Secure, Fortinet VPNs, and Webmin Servers in their Crosshairs (ZDNet)

servers

Vulnerabilities found in these devices were made public earlier this month by researchers – and the attacks didn’t take long to follow. These are considered some of the worst attacks over the past year, due to the highly sensitive nature of the systems they target.

Gone in 30 Seconds: Hackers Steal a Tesla from Owner’s Driveway Using a Keyless Hack (DailyMail)

tesla

Footage of hack caught by doorbell camera shows thieves using wires to pick up signal from the car’s electronic key and relay it to the vehicle, which is tricked into thinking the key is in close proximity.

Buffer overflow (CVE-2019-12527) in Squid Web Proxy Could Allow Hackers to Carry Out Remote Code Execution Attacks (SCMedia)

circuit

By sending a crafted HTTP request to the targeted server, an attacker can run malicious code remotely with the privileges of the server process while an unsuccessful attack will cause a Denial of Service condition.

Read the full analysis here.

Read more

Want to learn more?

Contact Us
Loc

USA

41000 Woodward Ave
Building East, Suite 350
Bloomfield Hills, MI 48304
Tel: +1 248-574-5171

Loc

Israel

24 HaNagar Street
Hod Hasharon
45277-13
Tel: +972 9 88 66 113

Loc

Germany

Wasserburger
Landstr. 264, Munich
81827
Tel: +49 151 1471 6088