Tesla Jailbreak Unlocks Theft of In-Car Paid Features

Want heated seats for free? Self-driving in Europe despite a regulatory ban? Researchers have discovered the road to free car-modding on the popular Tesla EVs. [TechWeb]( Follow Dark Reading: [RSS]( August 03, 2023 LATEST SECURITY NEWS & COMMENTARY [Tesla Jailbreak Unlocks Theft of In-Car Paid Features]( Want heated seats for free? Self-driving in Europe despite a regulatory ban? Researchers have discovered the road to free car-modding on the popular Tesla EVs. [Russian APT 'BlueCharlie' Swaps Infrastructure to Evade Detection]( Despite being outed earlier this year, the advanced persistent threat group is trying to sneak past researchers again. [Iranian Company Plays Host to Reams of Ransomware, APT Groups]( Cloudzy is a command-and-control provider (C2P) to APT groups in Iran, North Korea, and Russia, according to Halcyon. [Instagram Flags AI-Generated Content]( Amid the national discussion about AI safety and non-human-originated content in the US, an app researcher spotted an effort by the social media app to flag AI posts for its 2+ billion users. [Hot Topic Apparel Brand Faces Credential-Stuffing Attack]( Due to the nature of the attack, Hot Topic says that it was unable to tell which accounts were accessed by legitimate users and which were accessed by threat actors, making the situation all the more difficult. [Utilities Face Security Challenges as They Embrace Data in New Ways]( A culture of cybersecurity and implementing industry best practices can go a long way toward protecting a utility. [Cyber-Insurance Underwriting Is Still Stuck in the Dark Ages]( Innovations in continuous controls monitoring may be the only way underwriters can offer cyber-insurance policies that make sense in the market. [(Sponsored Article) How to Put the Sec in DevSecOps]( Learn the importance of adding security practices into DevOps life cycles and how to make security stronger. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS ['DarkBERT' GPT-Based Malware Trains Up on the Entire Dark Web]( The DarkBART and DarkBERT cybercriminal chatbots, based on Google Bard, represent a major leap ahead for adversarial AI, including Google Lens integration for images and instant access to the whole of the cyber-underground knowledge base. [Why the California Delete Act Matters]( Bill 362 is a perfect template for a nationwide win against data brokers and the privacy infringements they cause. [CISA: 'Submarine' Backdoor Torpedoes Barracuda Email Security]( A China-nexus cyber-espionage campaign rages on with the fourth backdoor to surface in the wild that takes advantage of the CVE-2023-2868 zero-day security bug — with severe threat of lateral movement, CISA warns. [Lessons Not Learned From Software Supply Chain Attacks]( Businesses that develop business-, mission-, or safety-critical software must learn from previous victims of software supply chain attacks. [MORE]( EDITORS' CHOICE [Apple Users Open to Remote Control via Tricky macOS Malware]( The Hidden Virtual Network Computing (hVNC) malware infests Macs and silently executes complete takeovers, with no user permission needed. It also sports persistence through reboots. LATEST FROM THE EDGE [CISOs Need Backing to Take Charge of Security]( Unless the CEO and other C-suite executives defer to the CISO's decisions on cybersecurity, is the CISO really running things? LATEST FROM DR TECHNOLOGY [What Implementing Biometrics for Authentication Looks Like]( CISOs are incorporating biometrics as part of their multifactor authentication strategies. This is what they should be thinking about during implementation. LATEST FROM DR GLOBAL [Iran's APT34 Hits UAE With Supply Chain Attack]( The prolific APT, also known as OilRig and MuddyWater, was caught targeting an IT company's government clients in the region, with the aim of carrying out cyber espionage. WEBINARS - [Implementing Zero-Trust With A Remote Workforce]( The shift to remote work and a distributed workforce model highlighted the importance of the zero-trust model for organizations. Corporate endpoint devices are no longer protected behind the enterprise perimeter, connect to routers with unknown levels of security, and share ... - [Where and When Automation Makes Sense For Enterprise Cybersecurity]( A shortage of skilled IT security professionals has made it tempting to try to automate everything. But security teams have to be able to determine which tasks are safe to automate. How does emerging automation technology work, and how can ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [SynSaber and ICS Advisory Project Identify Vulnerability Trends Within The Critical Infrastructure Sector]( [VALIC Retirement Services Company Experiences PBI Data Breach Exposing Approximately 798,000 Social Security Numbers]( [Global Optical Sensor Market to Reach $45.56B by 2030, Rising Demand in Consumer Electronics and IoT Applications]( [Solvo Unveils SecurityGenie: A Revolutionary ChatGPT-Like Solution for Cloud Security Teams]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How to Use Threat Intelligence to Mitigate Third-Party Risk]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117584&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_08.24.23&sp_cid=49388&utm_content=DR_NL_Dark%20Reading%20Daily_08.24.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#5c If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)