Tesla key fob issues, Tor Browser zero-day woes, and you’ve got malware!

Weekly Security Mashup - September 18, 2018

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup.

Dude, don’t take my Tesla! Plus Tor Browser zero-day (already wiped away), and you’ve got malware (if you fall for it!). Watch this week’s episode here:

Tesla Model S hack could let thieves clone key fobs to steal cars

Technology is wonderful when it makes life more convenient—your life, that is. But what happens when it makes it more convenient for a thief to steal your stuff? More specifically, what if your Tesla key fob makes it easy to steal your Tesla? Last week, researchers at KU Leven University in Belgium demonstrated how they could break the encryption used in the Model S wireless key fob. Watch this segment to learn why the Tesla key fob is trending in security news.

TOR Browser zero-day vulnerability revealed on Twitter; patched immediately

The major selling point of the Tor Browser (the recommended browser for using The Onion Router network) is anonymity. Hence its popularity with privacy advocates, political dissidents in repressive countries, and yes, criminals (including hackers and terrorists). The promise is that you can say and do what you want and nobody can find you—unless, of course, something goes wrong with Tor’s application security testing and a zero-day vulnerability is born, discovered, and bought and sold. Watch this segment to discover why it’s trending.

Phishing warning: One in every one hundred emails is now a hacking attempt

One in every hundred emails received across the globe is a malicious email. That is, it was sent with malicious intent, which covers any cyber-criminal purpose, including installing malware, spear phishing, and fraud. The security firm FireEye is out with a new report on email threats. It says that after reviewing more than half a billion emails between July and December 2017, the firm found that one in every 101 was a malicious email. Watch this segment to see why it’s trending.

Stay up-to-date on the latest security news.

Subscribe to the blog today!

*** This is a Security Bloggers Network syndicated blog from Software Integrity authored by Taylor Armerding. Read the original post at:

Secure Guardrails