![]() ![]() UPDATE: More Uber information data disclosed: vSphere, Google workplace data, and more AWS data. The screenshots revealed that the hackers had access to various internal systems, including G Suite accounts, Amazon Web Services, and code repositories. The Uber employee eventually accepted one of those login requests.Īfter gaining initial access, the attackers sent messages to a company-wide Slack channel announcing the massive security breach and reconfigured Uber’s OpenDNS. They used the phishing technique to steal passwords and repeatedly sent multifactor authentication (MFA) login notifications. The intruders sent a direct message to the employee pretending to be an Uber IT staffer. The company believes that someone affiliated with the hacking group Lapsus$ leveraged the MFA fatigue attack technique to compromise an Uber employee account.Īccording to the New York Times, the hackers social engineered the company’s worker after discovering his WhatsApp number. Last week, Uber confirmed a major cybersecurity attack that compromised its internal communications and engineering systems. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |