Security News

Uber believes the hacker behind last week's breach is affiliated with the Lapsus$ extortion group, known for breaching other high-profile tech companies such as Microsoft, Cisco, NVIDIA, Samsung, and Okta. The company added that the attacker used the stolen credentials of an Uber EXT contractor in an MFA fatigue attack where the contractor was flooded with two-factor authentication login requests until one of them was accepted.

I'm coming to you from Vancouver, I'm downtown, I'm looking out the window, and there's actually an Uber sitting outside the window. At a very high level, the consensus appears to be that there was some social engineering of an Uber employee that allowed someone to get a foothold inside of Uber's network.

Empress EMS, a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022.

Uber, in an update, said there is "No evidence" that users' private information was compromised in a breach of its internal computer systems that was discovered late Thursday. "All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational."

Ride-sharing company Uber suffered a security breach Thursday, Aug. 15, that forced the company to shut down several internal communications and engineering systems. Prior to Slack being taken offline Thursday afternoon, Uber employees received a message that said, "I announce I am a hacker and Uber has suffered a data breach." The message also detailed several internal databases the hacker claimed had been compromised, according to the Times.

The breach appeared to have compromised many of Uber's internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times. "They pretty much have full access to Uber," said Sam Curry, a security engineer at Yuga Labs who corresponded with the person who claimed to be responsible for the breach.

Ride hailing giant Uber disclosed Thursday it's responding to a cybersecurity incident involving a breach of its network and that it's in touch with law enforcement authorities.The hack is said to have forced the company to take its internal communications and engineering systems offline as it investigated the extent of the breach.

The operators behind the Lornenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities. Lorenz, like many other ransomware groups, is known for double extortion by exfiltrating data prior to encrypting systems, with the actor targeting small and medium businesses located in the U.S., and to a lesser extent in China and Mexico, since at least February 2021.

Hackers have injected malware in multiple extensions from FishPig, a vendor of Magento-WordPress integrations that count over 200,000 downloads. The intruders took control of FishPig's server infrastructure and added malicious code to the vendor's software to gain access to websites using the products, in what is described as a supply-chain attack.

U.S. moving and storage rental company U-Haul has suffered a data breach due to an unauthorized person having accessed an unspecified number of rental contracts, U-Haul's parent company Amerco has revealed in a last week.It is not known have many customers have been affected, but apparently their payment card information is safe - the person had access "Only" to customers' name, driver's license or state identification number.