While the company says that they did not find any evidence of malicious use of the exposed data, the incident highlights an increasing threat as car manufacturers push into vehicle connectivity and AI-enabled features require the collection of massive quantities of data.
You can check the types of data a particular car manufacturer might be collecting and sharing using this free tool made by automotive privacy company Privacy4Cars.
The United States and its allies have successfully disabled Russian malware that one of the Kremlin’s most sophisticated hacker units had installed on hundreds of computers around the world. After spending years monitoring a malware network called Snake, the FBI developed and deployed a tool called Perseus—named after the Greek hero who slayed monsters—that caused the malware to overwrite and disable itself, the Department of Justice announced on Tuesday.
Snake is developed and operated by Turla, a notorious state-sponsored hacking group linked to Russia’s Federal Security Service, or FSB. Prosecutors said the Russian spies behind Turla have used versions of the Snake malware to steal sensitive documents from scores of governments, journalists, and “other targets of interest to the Russian Federation.”
According to unsealed court documents, the Snake malware operated as a “peer-to-peer” network linking infected computers around the world, allowing Turla to install malware and exfiltrate data.
Europe this week got one step closer to banning facial recognition in public spaces with a lawmaker agreement to strengthen proposed legislation governing how artificial intelligence technology can be used in the European Union.
In a vote on Thursday morning, members of the European Parliament agreed to include the ban in the text of the highly anticipated AI Act, the world’s first comprehensive legislation governing the technology. “This vote is a milestone in regulating AI, and a clear signal from the Parliament that fundamental rights should be a cornerstone of that,” MEP Kim van Sparrentak told Reuters. “AI should serve people, society, and the environment, not the other way around.”
A ransomware group attempted to extort money from Dragos, a leading industrial cybersecurity firm, in an unsuccessful campaign targeting company executives, the firm said on Wednesday.
While the hackers gained access to a limited set of customer data, Dragos said it chose not to engage with the group. “The data that was lost and likely to be made public because we chose not to pay the extortion is regrettable,” the company said. “However, it is our hope that highlighting the methods of the adversary will help others consider additional defenses against these approaches so that they do not become a victim to similar efforts.”