FEDORA-EPEL-2022-81ce78cd62
Packages in this update:
rubygem-git-1.11.0-1.el8
Update description:
Security fix for CVE-2022-25648
rubygem-git-1.11.0-1.el8
Security fix for CVE-2022-25648
Locks that use Bluetooth Low Energy to authenticate keys are vulnerable to remote unlocking. The research focused on Teslas, but the exploit is generalizable.
In a video shared with Reuters, NCC Group researcher Sultan Qasim Khan was able to open and then drive a Tesla using a small relay device attached to a laptop which bridged a large gap between the Tesla and the Tesla owner’s phone.
“This proves that any product relying on a trusted BLE connection is vulnerable to attacks even from the other side of the world,” the UK-based firm said in a statement, referring to the Bluetooth Low Energy (BLE) protocol—technology used in millions of cars and smart locks which automatically open when in close proximity to an authorised device.
Although Khan demonstrated the hack on a 2021 Tesla Model Y, NCC Group said any smart locks using BLE technology, including residential smart locks, could be unlocked in the same way.
Another news article.
A new report warns hackers could exploit flaws in agricultural hardware used to plant and harvest crops
The UK’s Revenge Porn Helpline received 1124 reports of sextortion last year, compared to 593 in 2020
Ivanti observed a 7.6% rise in the number of vulnerabilities tied to ransomware, most of which were exploited by Conti
needrestart-3.6-1.el8
Security fix for CVE-2022-30688
needrestart-3.6-1.el7
Security fix for CVE-2022-30688