Security News

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive "criminal affiliate program," new...

Joe Sullivan, Uber's CEO during their 2016 data breach, is appealing his conviction. Prosecutors charged Sullivan, whom Uber hired as CISO after the 2014 breach, of withholding information about the 2016 incident from the FTC even as its investigators were scrutinizing the company's data security and privacy practices.

Joe Sullivan, the former Uber CSO who has been convicted last year for attempting to cover up a data breach Uber suffered in 2016 and kept it hidden from the Federal Trade Commission, has been sentenced to three years of probation plus 200 hours of community service. Sullivan became Chief Security Officer at Uber in April 2015, and in November 2016 testified before the FTC under oath that the company had taken to keep customer data secure following a 2014 data breach.

Joe Sullivan won't serve any serious time behind bars for his role in covering up Uber's 2016 computer security breach and trying to pass off a ransom payment as a bug bounty. A San Francisco judge on Thursday sentenced the app maker's now-former chief security officer to three years of probation plus 200 hours of community service, despite prosecutors' pleas to throw Sullivan in the cooler.

Uber has had more of its internal data stolen from a third party that suffered a security breach. Uber did not respond to The Register's question about how many of its drivers had their records stolen.

Uber executives said the information leaked was not from the massive breach in September, but from an attack on Teqtivity, a supplier whose software enables enterprises to keep track of their IT assets, such as phones and computers, and performs work for Uber. According to a statement from Teqtivity, an attacker gained access to a company backup server hosted by Amazon Web Services that stored code and data files related to Teqtivity's customers, such as Uber.

Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. Early Saturday morning, a threat actor named 'UberLeaks' began leaking data allegedly stolen from Uber and Uber Eats on a hacking forum known for publishing data breaches.

I have been meaning to write about Joe Sullivan, Uber's former Chief Security Officer. He was convicted of crimes related to covering up a cyberattack against Uber.

Uber's security compromise earlier this month is an unfortunate result of concerns left over from an attack the company sustained in 2016 when a pair of hackers outside of Uber accessed user data that was stored on a 3rd-party server. While MFA can guard against attacks using stolen credentials, that doesn't protect against what could happen if a hacker has credentials and uses them for a more advanced attack.