
Hackers hacked Tesla AWS account to mine

Latest update time:2018-02-21


Text | Li Qin

Report from Leiphone.com (leiphone-sz)

People's love for Tesla is at two extremes.

At one extreme, someone who got into a serious car accident while driving a Tesla enthusiastically reported the bug to Tesla without a word of complaint, and then casually ordered a new Tesla.

At the other extreme, some people... hacked into Tesla's AWS account just to mine.

Hackers accessed Tesla's Amazon cloud account and used it to run mining software, researchers at security firm RedLock said in a report on Tuesday. The researchers said the incident was similar to the plight of Gemalto, the world's largest SIM card manufacturer, and Aviva, a multinational insurance company.

In October, hackers gained access to cloud accounts at both Amazon and Microsoft after discovering that access credentials were not being properly secured, using them to run a wave of coin-mining malware.

Tuesday's report said the initial entry point into the Tesla cloud breach was an insecure management console for Kubernetes, the open-source software package that companies use to deploy and manage vast swathes of cloud-based applications and resources.

"The hackers penetrated Tesla's unprotected Kubernetes console," RedLock researchers wrote. "In a Kubernetes pod, access credentials were exposed to Tesla's AWS environment, which contained sensitive data such as telemetry."
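The credential exposure RedLock describes can be audited from the cluster side. The following is an added example, not code from the article or from RedLock's report: it scans pod specs for AWS credentials set as literal environment values. It assumes the credentials sit in container environment variables, which the report does not state; the pod names, namespace and JSON sample are constructed.

```python
import json
import re

# AWS access key IDs: 20 chars, prefix AKIA (long-term) or ASIA (temporary).
KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
CRED_VARS = {"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"}

# Constructed sample shaped like `kubectl get pods -A -o json`.
# The key values are the placeholder credentials used in AWS documentation.
PODS_JSON = json.dumps({"items": [
    {"metadata": {"namespace": "eng", "name": "svc-a"},
     "spec": {"containers": [{"name": "app", "env": [
         {"name": "LOG_LEVEL", "value": "info"},
         {"name": "AWS_ACCESS_KEY_ID", "value": "AKIAIOSFODNN7EXAMPLE"},
         {"name": "AWS_SECRET_ACCESS_KEY",
          "value": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"}]}]}},
    {"metadata": {"namespace": "eng", "name": "svc-b"},
     "spec": {"containers": [{"name": "app", "env": [
         {"name": "AWS_SECRET_ACCESS_KEY", "valueFrom": {
             "secretKeyRef": {"name": "aws-creds", "key": "secret"}}}]}]}},
]})

def audit_pods(pods_json):
    """Return (namespace, pod, container, variable, reason) per inline credential."""
    findings = []
    for item in json.loads(pods_json).get("items", []):
        meta, spec = item.get("metadata", {}), item.get("spec", {})
        containers = spec.get("containers", []) + spec.get("initContainers", [])
        for c in containers:
            for env in c.get("env", []):
                value = env.get("value")
                if value is None:  # valueFrom reference: nothing inline to flag
                    continue
                if KEY_ID.search(value):
                    reason = "access key ID in literal value"
                elif env["name"] in CRED_VARS:
                    reason = "credential variable set inline"
                else:
                    continue
                findings.append((meta.get("namespace"), meta.get("name"),
                                 c["name"], env["name"], reason))
    return findings

if __name__ == "__main__":
    for finding in audit_pods(PODS_JSON):
        print(finding)
```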

To hide their tracks and avoid being discovered early, which would have disrupted the mining plan, the attackers hid the IP address of the malware behind the security company Cloudflare. They also configured the mining software to access the Internet over non-standard ports and to connect to unlisted or semi-public endpoints instead of known mining pools. The attackers may also have cut the CPU resources used to mine digital coins. These measures help hide illegal mining and make it difficult to detect.
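Added example (not from the article or RedLock's report): the evasion steps above defeat a pool blocklist and a CPU-spike rule, while an egress allowlist applied to flow records still surfaces the long-lived connection. The flow records, documentation-range addresses, pod names and thresholds are all constructed.

```python
from collections import defaultdict

# Constructed sample data; addresses come from documentation ranges (RFC 5737).
KNOWN_POOLS = {"198.51.100.7"}   # hypothetical public mining-pool blocklist
APPROVED_EGRESS = {("203.0.113.10", 443), ("203.0.113.20", 5432)}
STANDARD_PORTS = {53, 80, 443}
CPU_SPIKE = 0.80                 # naive rule: alert when mean CPU exceeds 80%
LONG_LIVED = 3600                # total seconds connected that warrant review

FLOWS = [  # one row per outbound connection, with the pod's mean CPU during it
    {"pod": "web-7d9", "dst": "203.0.113.10", "port": 443, "seconds": 40, "cpu": 0.35},
    {"pod": "web-7d9", "dst": "203.0.113.20", "port": 5432, "seconds": 7200, "cpu": 0.30},
    {"pod": "batch-2c1", "dst": "203.0.113.10", "port": 443, "seconds": 300, "cpu": 0.95},
    {"pod": "job-x41", "dst": "192.0.2.55", "port": 8443, "seconds": 5400, "cpu": 0.20},
    {"pod": "job-x41", "dst": "192.0.2.55", "port": 8443, "seconds": 6100, "cpu": 0.22},
]

def naive_alerts(flows):
    """Blocklist or CPU-spike rule: the two signals the evasion steps defeat."""
    return sorted({f["pod"] for f in flows
                   if f["dst"] in KNOWN_POOLS or f["cpu"] > CPU_SPIKE})

def allowlist_alerts(flows):
    """Flag pods holding long-lived connections to unapproved destinations."""
    total = defaultdict(int)
    ports = defaultdict(set)
    for f in flows:
        if (f["dst"], f["port"]) not in APPROVED_EGRESS:
            key = (f["pod"], f["dst"])
            total[key] += f["seconds"]
            ports[key].add(f["port"])
    alerts = []
    for (pod, dst), seconds in sorted(total.items()):
        if seconds >= LONG_LIVED:
            odd = sorted(ports[(pod, dst)] - STANDARD_PORTS)
            alerts.append({"pod": pod, "dst": dst, "seconds": seconds,
                           "nonstandard_ports": odd})
    return alerts

if __name__ == "__main__":
    print("naive:", naive_alerts(FLOWS))
    print("allowlist:", allowlist_alerts(FLOWS))
```

On this sample the naive rule flags only the legitimate high-CPU batch job, and the allowlist rule flags only the low-CPU pod talking to an unapproved endpoint.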

In addition to allowing the attackers to run mining malware, RedLock said the hackers' intrusion also exposed certain non-public Tesla data, including sensitive telemetry information related to Tesla vehicles. RedLock said it has reported the discovery to Tesla.

In an email, a Tesla representative wrote: "We have a bug bounty program to encourage this kind of research, and we fixed the vulnerability within hours of learning about it. This hack appears to have only affected internal engineering test vehicles, and after initial investigation, we have not found any customer privacy or vehicle security impacted by this incident."

Researchers also recently discovered that a trove of sensitive FedEx customer data was exposed on a publicly accessible Amazon storage site and could have been available to anyone for years. Researchers also reported that cryptocurrency malware is even making some companies unable to operate.

It seems that cybercriminals can't resist the urge to mine, not even sparing the "Tesla" that everyone loves.

Translated from Ars Technica
