Hey there, FixMeFans and StartMeStars! We’re back with another edition of our weekly cybersecurity roundup where we deliver the most recent comings and goings of the cybersecurity world.
This week we’re dealing with news about how researchers hacked into a Tesla vehicle using a drone. As well as how a newly discovered vulnerability is putting millions of Dell PCs at risk. And finally how German police have arrested four members of a gang suspected to be behind one of the world’s biggest child abuse image websites.
Hacking cars from a drone in the sky definitely seems like something from a movie, but cybersecurity researchers are always proving that nothing is impossible. Recently, researchers showcased their ability to crack open a Tesla’s doors with a remote hack from a drone carrying a Wi-Fi dongle.
At the CanSecWest Applied Security conference that was held earlier in April, a team of security researchers displayed their exploit, stating that they required no interaction from anyone in the car. This type of hack would be particularly useful for thieves hoping to nab themselves a new car.
Once hacked, they would be able to “compromise parked cars and control their infotainment systems over WiFi,” the researchers wrote in a post promoting their so-called TBONE hack. “It would be possible for an attacker to unlock the doors and trunk, change seat positions, both steering and acceleration modes – in short, pretty much what a driver pressing various buttons on the console can do. This attack does not yield drive control of the car though.”
Although Tesla has yet to offer a comment on the hack, the vulnerabilities were patched in October last year, so the hack shouldn’t be possible today, according to the researchers.
You can read more about it here!
Recently, cybersecurity researchers have discovered several high severity weaknesses that have been lying dormant on Dell computers. Apparently, these vulnerabilities date back to nearly 12 years ago, and if left unattended, can allow hackers to gain complete control over a victim’s computer!
In order to fully exploit the vulnerabilities, hackers would require some level of access to the affected computer. The weakness lays in the BIOS, the code responsible for launching the PC and its operating system. However, once the hackers gain control over this section, they’d be capable of doing almost anything they wanted to the PC, whether it’s locking up all the files within, destroying them, or installing code that spies on all user activity.
Although Dell has since issued an update for the vulnerability, they claim that they haven’t seen any evidence that the weaknesses have been exploited by malicious hackers. The tech giant recommended that customers review its security advisory at DSA-2021-088, released this morning, where users can find information on the patch that fixes the vulnerability.
You can read up on the situation here!
On Monday, German police announced that they had arrested four members of a gang suspected to be behind one of the world’s largest child abuse image websites, totaling more than 400,000 members worldwide. The website had been a platform for distributing indecent images and videos of children, Germany’s federal police agency said in a statement.
According to reports, the police operation raided seven addresses across Germany and arrested three men who had been linked to operating the website. Police had also arrested a man in Paraguay, who is due to be extradited to Frankfurt. The arrested suspects, who cannot be named due to German law, were 40 to 64 years old.
The three suspects arrested in Germany were accused of founding and maintaining the site, as well as giving members advice on how to avoid arrest. One of them is alleged to have personally uploaded more than 3,500 images.
The website had existed since at least June 2019 and “served the worldwide exchange of child pornography by platform members, whereby mainly recordings of abuse of boys were exchanged.” Although the website and its related chat rooms have since been shutdown, police are still investigating other individuals that may be linked to the website.
You can read more about the situation here!
That’s all for this week’s roundup folks! We hope you’re staying safe with all that’s going on, especially when it comes to your cybersecurity!