Cyber Weekly Digest - 2022 Week #20


Take a look at this week’s Cyber Weekly Digest to stay up to date on the latest cyber security news, including a ransomware gang threatening to overthrow the Costa Rican government and another Apple zero-day patch.


1. Conti ransomware group threatens to overthrow Costa Rican government.

The Conti ransomware gang has threatened to "overthrow" the new government of Costa Rica following the cyber attacks last month. The threat group posted on their official website that "We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power," along with claims that "We have our insiders in your government. We are also working on gaining access to your other systems, you have no other options but to pay us." To increase pressure on Costa Rica, Conti also raised its ransom demand to $20 million in return for a decryption key to unlock the affected systems, threatening to delete the decryption keys in a week if it is not paid.


2. Apple released an emergency security update for an actively exploited zero-day.

Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watch devices. The flaw is an out-of-bounds write issue (CVE-2022-22675) in AppleAVD (a kernel extension for audio and video decoding) that allows apps to execute arbitrary code with kernel privileges. The list of impacted devices includes Apple Watch Series 3 or later, Macs running macOS Big Sur, Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD.


3. Researchers have found a way attackers can target Tesla Model 3 using Bluetooth attacks.

Security researchers have developed a tool to carry out a Bluetooth Low Energy (BLE) relay attack that bypasses all existing protections to authenticate on target devices. BLE is used in a wide range of products, from building access control systems to cars like the Tesla Model 3 and Model Y. While technical details behind this new BLE relay attack have not been published, the researchers say that they tested the method on a Tesla Model 3 from 2020 using an iPhone 13 mini running version 4.6.1-891 of the Tesla app. Tesla owners are encouraged to use the ‘PIN to Drive’ feature, so even if their car is unlocked, at least the attacker won't be able to drive away with it.