Security Week Briefing

Tesla key card feature can be abused to steal cars.

Views expressed in this cybersecurity-cyber crime update are those of the reporters and correspondents.

Accessed on 13 June 2022, 2030 UTC.

Content provided by email subscription to "Security Week Briefing."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGpGTGBmMDTBPChflRWQcXXstMP

Please click link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts

https://www.hawaiicybersecurityjournal.net

https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, and information security)

Visit SecurityWeek.Com | Advertise | Contact   WebcastsRSS Feed 06.13.22 Monday, June 13, 2022 Featured Session Fireside Chat With Aanchal Gupta, VP, Azure Security and Head of Microsoft Security Response Join us as we discuss Microsoft's security response mission and priorities, the CISO's decision-making process, and best practices for securing public and private cloud deployments. June 15th | Virtual Event Register Here Facilitating Convergence of Physical Security and Cyber Security With Open Source Intelligence Fusion centers are able to converge cyber and physical security, close gaps in coverage, and scale security to protect facilities and hundreds of thousands of employees. Read the Full Column by Landon Winkelvoss 4 Ways to Close the OT Cybersecurity Talent Gap There are no easy solutions to close the operational technology (OT) cybersecurity talent gap, but here are few ideas to help you get started. Read the Full Column by Galina Antova Digital Experience Monitoring: More Important Than Ever Digital experience monitoring technology goes beyond the monitoring of resources and applications, allowing for automated remediation and uncompromised user productivity. Read the Full Column by Torsten George Automation. Where do We Go from Here? As automation continues to evolve, a new approach to accelerate detection and response is emerging based on data and business logic to automatically trigger simple actions that can be standalone or be chained together. Read the Full Column by Marc Solomon Tapping Neurodiverse Candidates Can Address Cybersecurity Skills Shortage Cybersecurity teams must be much more inclusive in their hiring processes, if they want to hire the best people and have loyal staff. Read the Full Column by Jeff Orloff SecurityWeek’s Cloud Security Summit, Presented by Palo Alto Networks Learn how to utilize tools, controls, and design models needed to properly secure cloud environments. June 15th | Virtual Event Register Here See All Recent Articles at SecurityWeek.Com Researcher Shows How Tesla Key Card Feature Can Be Abused to Steal Cars: A researcher has found a new way to hack and steal Teslas, via a Bluetooth-based relay attack that abuses a key card feature. Read More New Speculative Execution Attack Against Apple M1 Chips: MIT researchers present PACMAN, a new speculative execution attack that bypasses the software security primitive called pointer authentication on Apple’s M1 processor. Read More Researchers: Wi-Fi Probe Requests Expose User Data: Academics discover that mobile devices leak identifying information about their owners via Wi-Fi probe requests. Read More Drupal Patches 'High-Risk' Third-Party Library Flaws: A pair of high-risk flaws in a third-party library exposes Drupal-powered websites to remote takeover attacks. Read More HYCU Raises $53 Million for Data Backup Technology: Backup-as-a-service firm HYCU has raised $53 million in a Series B funding round led by Acrew Capital. Read More Chinese Hackers Adding Backdoor to iOS, Android Web3 Wallets in 'SeaFlower' Campaign: Researchers analyze SeaFlower, an activity cluster linked to China that involves adding backdoors to popular iOS and Android Web3 wallets. Read More Cybercriminals, State-Sponsored Threat Actors Exploiting Confluence Server Vulnerability: Multiple cybercrime and state-sponsored threat groups are exploiting the recently patched Confluence Server vulnerability tracked as CVE-2022-26134. Read More Cybersecurity Courses Ramp Up Amid Shortage of Professionals: Cybersecurity training grounds are popping up for students, recent grads and people who don’t even attend the college but are interested in cybersecurity careers. Read More Billion-Dollar Valuations Can't Halt Layoffs at OneTrust, Cybereason: Despite soaring valuations, several well-capitalized cybersecurity startups with 'unicorn' valuations are cutting staff to weather macroeconomic storms. Read More 38 Tech Leaders Sign Cyber Resilience Pledge: In partnership with Coalition to Reduce Cyber Risk (CR2), 37 organizations in eight countries have signed a pledge to improve cyber resilience against ransomware and other threats. Read More Vulnerabilities in HID Mercury Access Controllers Allow Hackers to Unlock Doors: Access control products from LenelS2 and other vendors using HID Mercury controllers are affected by vulnerabilities that can allow hackers to remotely unlock doors. Read More Chinese Cyberspy Group 'Aoqin Dragon' Targeting Southeast Asia, Australia Since 2013: SentinelOne details the MO of a Chinese cyberespionage group actively targeting education, government, and telecommunication organizations since at least 2013. Read More