Skip to content

Gotham Security Daily Threat Alerts

by on April 1, 2014

March 28, Threatpost – (International) FTC settles with Fandango, Credit Karma over SSL issues in mobile apps. Fandango and Credit Karma agreed to a settlement with the Federal Trade Commission (FTC) after the FTC charged that both companies deliberately misrepresented the security of their mobile apps and created apps that failed to validate SSL certificates. The companies are required by the settlement to submit to independent security audits for the next 20 years and to create comprehensive security programs. Source: http://threatpost.com/ftc-settles-with-fandango-credit-karma-over-ssl-issues-in-mobile-apps/105128

March 28, IDG News Service – (International) Philips smart TVs open to remote attacks via default wireless connection, researchers say. Researchers at ReVuln published a demonstration video showing that the newest firmware for some Philips smart TVs opens an insecure Miracast wireless network that could allow attackers within signal range to control the TV. The Miracast feature is vulnerable to attackers due to a hard-coded password. Source: http://www.networkworld.com/news/2014/032814-philips-smart-tvs-open-to-280196.html

March 31, Softpedia – (International) Hackers can unlock Tesla cars by stealing owners’ passwords. A security researcher reported that the password created by Tesla car owners can be easily obtained via brute force attacks due to it only containing six letters and numbers, allowing attackers to track the location of Tesla cars or unlock the door locks remotely. The remote management API also may share credentials with untrusted third parties that could also lead to security issues. Source: http://news.softpedia.com/news/Hackers-Can-Unlock-Tesla-Cars-by-Stealing-Owners-Passwords-434979.shtml

From → Security

Comments are closed.

%d bloggers like this: