Facebook Vice President David Marcus is the face of the company's Libra digital currency, but the original driving force was a 26-year-old female corporate-development...Technologyread more
Amazon's new policy for account suspensions doesn't go far enough to protect sellers from potentially unfair and wrongful suspensions, merchants say.Technologyread more
There is no end in sight to the Boeing 737 Max grounding after two fatal crashes, prompting airlines to rethink their growth plans.Airlinesread more
After a year of flooding, Midwest farmers face a stifling heat wave that's spreading across the U.S.Agricultureread more
A quarter of the S&P 500 companies report earnings next week, and that could buffet the market as investors await the July Fed meeting.Market Insiderread more
Moving lots of data to a public cloud over the internet can take months or years. CNBC got an inside look at how AWS transfers data to the cloud for its clients.Technologyread more
Iran's Revolutionary Guard claims a British tanker it still holds, Stena Impero, failed to follow international maritime rules.World Newsread more
"It troubles me that the most important political office in the world is becoming the face of racism and exclusion," Kaeser said in a Twitter post.Politicsread more
Silver's rally could be losing its shine after the precious metal reached its year-to-date high, futures experts warn.Futures Nowread more
Some 40% of Americans would struggle to come up with even $400 to pay for an emergency expense. Just how are so many Americans so short on cash? Blame debt.Personal Financeread more
Amazon hires Trump-allied lobbyist Jeff Miller as battle for Pentagon contract heats up.Politicsread more
Tesla's cloud system was hijacked by hackers who used it to mine cryptocurrency, according to researchers.
Hackers were able to infiltrate the automaker's Kubernetes administration console because it was not password protected, cybersecurity firm RedLock said Tuesday. Kubernetes is a Google-designed system aimed at optimizing cloud applications.
This left access credentials for Tesla's Amazon Web Services (AWS) account exposed, and hackers deployed cryptocurrency mining software called Stratum to mine cryptocurrency using the cloud's computing power.
Cryptocurrency mining is a process whereby so-called miners solve complex mathematical problems to validate a transaction and add it to the underlying network.
RedLock did not specify which cryptocurrency was mined in the cyber breach.
Other major firms, including British insurer Aviva and Dutch SIM-maker Gemalto, were affected by similar problems, RedLock said. But the incident affecting Tesla's cloud system was more sophisticated, and used a number of different strategies to hide the hackers from being detected.
RedLock said that it notified Tesla of the cyber exposure and that it was swiftly rectified.
Tesla said that it did not see any initial impact on customer data protection or the safety and security of its vehicles.
"We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it," a spokesperson for Tesla said in an emailed statement.
"The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way."
RedLock CTO Gaurav Kumar said businesses should monitor suspicious cyber activities to avoid being compromised.
"The message from this research is loud and clear — the unmistakable potential of cloud environments is seriously compromised by sophisticated hackers identifying easy-to-exploit vulnerabilities," Kumar said in a statement Tuesday.
"In our analysis, cloud service providers such as Amazon, Microsoft and Google are trying to do their part, and none of the major breaches in 2017 was caused by their negligence."
He added: "However, security is a shared responsibility. Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities. Without that, anything the providers do will never be enough."
This incident marks another case of what is known in the cryptocurrency world as "cryptojacking."
Cryptojacking is a process whereby hackers deploy software that exploits a computer's CPU (central processing unit) to mine cryptocurrency.
This version of Browsealoud infected the government websites with Coinhive code, which is used to generate units of privacy-focused cryptocurrency monero.
U.S. online news outlet Salon is even asking visitors to its site who use ad blocking plugins if it can use their computing power to mine monero instead.