Toggle light / dark theme

PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution

Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy’s BlueSDK Bluetooth stack that, if successfully exploited, could allow remote code execution on millions of transport vehicles from different vendors.

The vulnerabilities, dubbed PerfektBlue, can be fashioned together as an exploit chain to run arbitrary code on cars from at least three major automakers, Mercedes-Benz, Volkswagen, and Skoda, according to PCA Cyber Security (formerly PCAutomotive). Outside of these three, a fourth unnamed original equipment manufacturer (OEM) has been confirmed to be affected as well.

“PerfektBlue exploitation attack is a set of critical memory corruption and logical vulnerabilities found in OpenSynergy BlueSDK Bluetooth stack that can be chained together to obtain Remote Code Execution (RCE),” the cybersecurity company said.

Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord

The attack chains begin when one of these adversary-controlled accounts messages a victim through X, Telegram, or Discord, urging them to test out their software in exchange for a cryptocurrency payment.

Should the target agree to the test, they are redirected to a fictitious website from where they are promoted to enter a registration code provided by the employee to download either a Windows Electron application or an Apple disk image (DMG) file, depending on the operating system used.

On Windows systems, opening the malicious application displays a Cloudflare verification screen to the victim while it covertly profiles the machine and proceeds to download and execute an MSI installer. Although the exact nature of the payload is unclear, it’s believed that an information stealer is run at this stage.

Researchers discover more efficient way to route information in quantum computers

Quantum computers have the potential to revolutionize computing by solving complex problems that stump even today’s fastest machines. Scientists are exploring whether quantum computers could one day help streamline global supply chains, create ultra-secure encryption to protect sensitive data against even the most powerful cyberattacks, or even develop more effective drugs by simulating their behavior at the atomic level.

But building efficient quantum computers isn’t just about developing faster chips or better hardware. It also requires a deep understanding of quantum mechanics—the strange rules that govern the tiniest building blocks of our universe, such as atoms and electrons—and how to effectively move information through .

In a paper published in Physics Review X, a team of physicists—including graduate student Elizabeth Champion and assistant professor Machiel Blok from the University of Rochester’s Department of Physics and Astronomy—outlined a method to address a tricky problem in quantum computing: how to efficiently move information within a multi-level system using quantum units called qudits.

/* */