#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

android apps hack | Breaking Cybersecurity News | The Hacker News

Researchers Show How to Steal Tesla Car by Hacking into Owner's Smartphone

Researchers Show How to Steal Tesla Car by Hacking into Owner's Smartphone

Nov 26, 2016
New technology is always a little scary, so are Smart Cars. From GPS system and satellite radio to wireless locks, steering, brakes, and accelerator, today vehicles are more connected to networks than ever, and so they are more hackable than ever. It's not new for security researchers to hack connected cars. Previously they had demonstrated how to hijack a car remotely , and how to disable car's crucial functions like airbags by exploiting security bugs affecting significant automobiles. Now this time, researchers at Norway-based security firm Promon have demonstrated how easy it is for hackers to steal Tesla cars through the company's official Android application that many car owners use to interact with their vehicle. Two months ago, Chinese security researchers from Keen Lab managed to hack a Tesla Model S , which allowed them to control a car in both Parking and Driving Mode from 12 miles away. However, Promon researchers have taken an entirely different app
Over 1 Billion Mobile App Accounts can be Hijacked Remotely with this Simple Hack

Over 1 Billion Mobile App Accounts can be Hijacked Remotely with this Simple Hack

Nov 05, 2016
Security researchers have discovered a way to target a huge number of Android and iOS apps that could allow them to remotely sign into any victim's mobile app account without any knowledge of the victim. A group of three researchers – Ronghai Yang, Wing Cheong Lau, and Tianyu Liu – from the Chinese University of Hong Kong has found [ PPT ] that most of the popular mobile apps that support single sign-on (SSO) service have insecurely implemented OAuth 2.0. OAuth 2.0 is an open standard for authorization that allows users to sign in for other third-party services by verifying existing identity of their Google, Facebook, or Chinese firm Sina accounts. This process enables users to sign-in to any service without providing additional usernames or passwords. How are app developers required to implement OAuth? (Right Way) When a user logs into a third party app via OAuth, the app checks with the ID provider, let's say, Facebook, that it has correct authentication details. I
Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

Feb 14, 2024Financial Security / Cyber Threats
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more limited resources. The FinServ Threat Landscape Recent trends show an alarming increase in sophisticated cyber-attacks. Cybercriminals now deploy advanced techniques like deep fake technology and AI-powered attacks, making it increasingly difficult for banks to differentiate between legitimate and malicious activities. These developments necessitate a shift towards more sophisticated and adaptive cybersecurity measures. Take these industry statistics, for example. Financial firms report 703 cyberattack attempts per week.1 On average, 270 attacks (entailing unauthorized access of data, appl
Cybersecurity Resources