Security News for the Week Ending November 26, 2021
Tesla Locks Owners Out of Cars – On Accident
Hundreds of Tesla owners got locked out of their cars when a server that powers the Tesla app crashed due to load. Apparently those owners forgot there is such a thing as a car key. The outage lasted about 5 hours and Elon Musk later tweeted that they would work to avoid this in the future. This doesn’t happen often; just a reminder that no tech is perfect. Credit: The Guardian
The Zelle Fraud Scam – Don’t Fall Victim
The Zelle fraud scam starts with a fake text message that asks if you made a Zelle payment in the amount of $X. If you respond to the text with anything, you will get a call from the scammer pretending to be your bank. The scammer asks for your online banking USER NAME (not password) and the hacker then does a password reset, asking you for the PIN that your bank sends to do the password reset. And then empties your bank account. For more details, see the Brian Krebs account of the attack.
Microsoft Says Attackers Don’t Bother to Brute Force Long Passwords
A Microsoft engineer analyzed over 25 million password attempts against a honeypot of SSH servers and discovered that 77% of the attempts to brute force a password used passwords of 7 characters or less and only 6% used passwords of over 10 characters. Also, only 7% of the attempts used a special character. This gives users some parameters for constructing passwords. Credit: The Record
US Sanctions 28 Quantum Computing Companies in China, Russia, Pakistan and Japan
The US continues to work on protecting our technology from foreign bad actors. The Commerce Department added 28 companies in multiple countries as a risk to the US. These sanctions prohibit US companies from dealing with these organizations. Given that quantum computing is a strategic technology for everyone, we do not want to accidentally be helping the bad guys. For a list of these companies, check out this article.
Israel Bans Sales of Hacking Tools to 65 Countries
In the wake of all of the negative press that Israeli hacking tools company NSO Group is getting, including being banned in the US, Israel reduced the list of countries that companies like NSO can sell to from 102 to just 37 countries. See the list here.
India to Ban Almost All Private Crypocurrencies
India is about to ban almost all private cryptocurrencies. A new bill will create a framework for an official digital currency, to be issued by the Reserve Bank of India. Included in the ban would be Bitcoin and Ethereum. Effectively, if this bill becomes law non-fiat cryptocurrency would cease to exist in one of the world’s most populous countries. Credit: Euronews