President Trump was taken aback when Treasury chief Steven Mnuchin said the U.S. asked China's trade delegation to reschedule a farm tour.Politicsread more
As China marks the 70th anniversary of its founding on Oct. 1, CNBC takes a look at the rise of the Asian giant through the years — and projections of where it's headed.China Economyread more
The tax cut came as Indian Prime Minister Narendra Modi's government attempts to spur the country's slowing economy.Asia Economyread more
Lawmakers in Congress on Monday pressed for full disclosure of a whistleblower's complaint about President Donald Trump as Democratic calls for impeachment intensified over...Politicsread more
Stocks have been grinding sideways, but technical analysts say once they breakout, the move to the upside could be powerful.Market Insiderread more
The brewer also issued an additional 189,354,000 shares. Budweiser APAC's IPO is now expected to raise about US$5 billion.China Marketsread more
Rising home prices and conservative borrowing have today's homeowners sitting on a record amount of potential cash. Today's mortgage holders saw their home equity increase by...Real Estateread more
Shareholders are accusing Tesla of improperly valuing the SolarCity deal, providing flawed analysis and misleading investors.Technologyread more
The FAA says each country's regulator will decide when the Boeing 737 Max can return to the skies as the grounding of Boeing's best seller, edges toward its eighth month.Airlinesread more
U.S. Treasury Secretary Steven Mnuchin said Monday that the two country's negotiators had made some progress in easing their trade tensions in last week's deputy-level...World Politicsread more
Stocks were barely changed. American Express gained, but Netflix was a notable laggard.Marketsread more
Tesla's cloud system was hijacked by hackers who used it to mine cryptocurrency, according to researchers.
Hackers were able to infiltrate the automaker's Kubernetes administration console because it was not password protected, cybersecurity firm RedLock said Tuesday. Kubernetes is a Google-designed system aimed at optimizing cloud applications.
This left access credentials for Tesla's Amazon Web Services (AWS) account exposed, and hackers deployed cryptocurrency mining software called Stratum to mine cryptocurrency using the cloud's computing power.
Cryptocurrency mining is a process whereby so-called miners solve complex mathematical problems to validate a transaction and add it to the underlying network.
RedLock did not specify which cryptocurrency was mined in the cyber breach.
Other major firms, including British insurer Aviva and Dutch SIM-maker Gemalto, were affected by similar problems, RedLock said. But the incident affecting Tesla's cloud system was more sophisticated, and used a number of different strategies to hide the hackers from being detected.
RedLock said that it notified Tesla of the cyber exposure and that it was swiftly rectified.
Tesla said that it did not see any initial impact on customer data protection or the safety and security of its vehicles.
"We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it," a spokesperson for Tesla said in an emailed statement.
"The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way."
RedLock CTO Gaurav Kumar said businesses should monitor suspicious cyber activities to avoid being compromised.
"The message from this research is loud and clear — the unmistakable potential of cloud environments is seriously compromised by sophisticated hackers identifying easy-to-exploit vulnerabilities," Kumar said in a statement Tuesday.
"In our analysis, cloud service providers such as Amazon, Microsoft and Google are trying to do their part, and none of the major breaches in 2017 was caused by their negligence."
He added: "However, security is a shared responsibility. Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities. Without that, anything the providers do will never be enough."
This incident marks another case of what is known in the cryptocurrency world as "cryptojacking."
Cryptojacking is a process whereby hackers deploy software that exploits a computer's CPU (central processing unit) to mine cryptocurrency.
This version of Browsealoud infected the government websites with Coinhive code, which is used to generate units of privacy-focused cryptocurrency monero.
U.S. online news outlet Salon is even asking visitors to its site who use ad blocking plugins if it can use their computing power to mine monero instead.