What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-05-31 13:00:00 | Cyberheistnews Vol 13 # 22 [Eye on Fraud] Un examen plus approfondi de la hausse massive de 72% des attaques de phishing financier CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks (lien direct) |
CyberheistNews Vol 13 #22 | May 31st, 2023
[Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks
With attackers knowing financial fraud-based phishing attacks are best suited for the one industry where the money is, this massive spike in attacks should both surprise you and not surprise you at all.
When you want tires, where do you go? Right – to the tire store. Shoes? Yup – shoe store. The most money you can scam from a single attack? That\'s right – the financial services industry, at least according to cybersecurity vendor Armorblox\'s 2023 Email Security Threat Report.
According to the report, the financial services industry as a target has increased by 72% over 2022 and was the single largest target of financial fraud attacks, representing 49% of all such attacks. When breaking down the specific types of financial fraud, it doesn\'t get any better for the financial industry:
51% of invoice fraud attacks targeted the financial services industry
42% were payroll fraud attacks
63% were payment fraud
To make matters worse, nearly one-quarter (22%) of financial fraud attacks successfully bypassed native email security controls, according to Armorblox. That means one in five email-based attacks made it all the way to the Inbox.
The next layer in your defense should be a user that\'s properly educated using security awareness training to easily identify financial fraud and other phishing-based threats, stopping them before they do actual damage.
Blog post with links:https://blog.knowbe4.com/financial-fraud-phishing
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Join us Wednesday, June 7, @ 2:00 PM (ET), for a live demonstration of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing.
Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.
|
Ransomware Malware Hack Tool Threat Conference | Uber ChatGPT ChatGPT Guam | ★★ |
 |
2023-05-05 15:41:29 | L'ancien chef de la sécurité de l'uber a été condamné à la couverture du piratage Ex-Uber security chief sentenced over covering up hack (lien direct) |
Joseph Sullivan a été condamné pour couvrer une violation de sécurité de 57 millions de comptes d'utilisateurs en 2016.
Joseph Sullivan was convicted over covering up a security breach of 57 million user accounts in 2016. |
Hack | Uber | ★★ |
 |
2022-10-13 10:05:10 | What the Uber Hack can teach us about navigating IT Security (lien direct) | The recent Uber cyberattack shows us the myriad tactics employed by threat actors to breach corporate networks. Learn more about these tactics used and how to navigate IT Security. [...] | Hack Threat | Uber Uber | |
 |
2022-10-06 15:11:37 | Ex-Uber security chief convicted of hiding hack from federal regulators (lien direct) | Former security chief may be first exec found guilty of hiding a data breach. | Hack | Uber | |
 |
2022-10-06 13:16:00 | Guilty verdict in the Uber breach case makes personal liability real for CISOs (lien direct) | Yesterday, a federal jury handed down a guilty verdict to Joe Sullivan, the former CSO on charges of “obstruction of the proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of a 2016 hack at Uber” according to a notice published by the Department of Justice (DOJ).US Attorney Stephanie Hinds, upon learning of the verdict, admonished companies that are storing data as to their responsibility to also “protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission (FTC) and took steps to prevent the hackers from being caught. We will not tolerate the concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.”To read this article in full, please click here | Data Breach Hack | Uber Uber | |
 |
2022-10-03 05:00:59 | Méfiance : l\'authentification multifacteur ne vous protège pas totalement des pirates (lien direct) | 
Le hack récent d'Uber a montré une fois de plus que les systèmes d'authentification à plusieurs facteurs ne sont pas toujours efficaces pour contrer les cybercriminels, qui usent de nouvelles techniques pour tenter de vous piéger.
L'article Méfiance : l'authentification multifacteur ne vous protège pas totalement des pirates est à retrouver sur 01net.com. |
Hack | Uber | |
 |
2022-09-22 13:44:39 | Tech news you may have missed: Sept 15 – 21 (lien direct) | >Learn how to grant access to Excel workbook ranges, get the latest updates on the Windows 11 22H2 release and learn about the Uber hack in this week's roundup of the news. | Hack | Uber Uber | |
|
2022-09-22 02:00:00 | D&O insurance not yet a priority despite criminal trial of Uber\'s former CISO (lien direct) | The trial of former Uber CISO Joe Sullivan marks the first time a cybersecurity chief has faced potential criminal liability. Sullivan is charged with trying to conceal from federal investigators the details of a 2016 hack at Uber that exposed the email addresses and phone numbers of 57 million drivers and passengers. The two charges against Sullivan, obstruction of justice and failure to report a crime, carry potential jail time of five and three years, respectively, in a watershed case that has drawn the attention of security professionals.To read this article in full, please click here | Hack | Uber Uber | |
|
2022-09-19 14:26:20 | Uber links breach to Lapsus$ group, blames contractor for hack (lien direct) | Uber believes the hacker behind last week's breach is affiliated with the Lapsus$ extortion group, known for breaching other high-profile tech companies such as Microsoft, Cisco, Nvidia, Samsung, and Okta. [...] | Hack | Uber Uber | |
 |
2022-09-19 10:24:11 | GTA 6 Videos and Source Code Stolen in Rockstar Games Hack (lien direct) | The Rockstar Games hacker also claims to be behind the recent Uber breach | Hack | Uber Uber | |
 |
2022-09-18 11:58:11 | Uber says there is no evidence that users\' private information was compromised (lien direct) | Uber hack update: There is no evidence that users’ private information was compromised in the data breach. Uber provided an update regarding the recent security breach of its internal computer systems, the company confirmed that there is no evidence that intruders had access to users’ private information. “We have no evidence that the incident involved […] | Hack | Uber Uber | |
 |
2022-09-16 17:00:29 | Blame game follows Uber hack. Experts say don\'t fault employee. (lien direct) | The Uber hack may be a lesson in poor security design and points to problems with vulnerable multi-factor authentication. | Hack | Uber Uber | |
 |
2022-09-16 14:07:13 | Massive Data Breach at Uber (lien direct) | It’s big: The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times. “They pretty much have full access to Uber,” said Sam Curry, a security engineer at Yuga Labs who corresponded with the person who claimed to be responsible for the breach. “This is a total compromise, from what it looks like.” It looks like a pretty basic phishing attack; someone gave the hacker their login credentials. And because Uber has lousy internal security, lots of people have access to everything. So once a hacker gains a foothold, they have access to everything... | Data Breach Hack | Uber Uber | |
|
2022-09-16 10:10:38 | Uber investigating hack on its computer systems (lien direct) | A hacker was apparently able to gain access to the company's internal systems. | Hack | Uber | |
 |
2022-09-16 08:38:00 | Uber Says It\'s Investigating a Potential Breach of Its Computer Systems (lien direct) | Ride hailing giant Uber disclosed Thursday it's responding to a cybersecurity incident involving a breach of its network and that it's in touch with law enforcement authorities. The New York Times first reported the incident. The hack is said to have forced the company to take its internal communications and engineering systems offline as it investigated the extent of the breach. | Hack | Uber | |
 |
2022-08-10 12:00:24 | Making Linux Kernel Exploit Cooking Harder (lien direct) | Posted by Eduardo Vela, Exploit Critic Cover of the medieval cookbook. Title in large letters kernel Exploits. Adorned. Featuring a small penguin. 15th century. Color. High quality picture. Private collection. Detailed.The Linux kernel is a key component for the security of the Internet. Google uses Linux in almost everything, from the computers our employees use, to the products people around the world use daily like Chromebooks, Android on phones, cars, and TVs, and workloads on Google Cloud. Because of this, we have heavily invested in Linux's security - and today, we're announcing how we're building on those investments and increasing our rewards.In 2020, we launched an open-source Kubernetes-based Capture-the-Flag (CTF) project called, kCTF. The kCTF Vulnerability Rewards Program (VRP) lets researchers connect to our Google Kubernetes Engine (GKE) instances, and if they can hack it, they get a flag, and are potentially rewarded. All of GKE and its dependenci |
Hack | Uber | |
|
2022-05-19 02:00:00 | Uber CISO\'s trial underscores the importance of truth, transparency, and trust (lien direct) | Truth, transparency and trust are the three T's that all CISOs and CSOs should embrace as they march through their daily grind of keeping their enterprise and the data safe and secure. Failure to adhere to the three T's can have serious consequences.Case in point: A federal judge recently ordered Uber Technologies to work with its former CSO, Joseph Sullivan (who held the position from April 2015 to November 2017), and review a plethora of Uber documents that Sullivan has requested in unredacted form for use in his defense in the upcoming criminal trial.The case against Uber's former CSO By way of background, Uber's former CSO faces a five-felony count superseding indictment associated with his handling of the company's 2016 data breach. The court document, filed in December 2021, alleges Sullivan “engaged in a scheme designed to ensure that the data breach did not become public knowledge, was concealed, and was not disclosed to the FTC and to impacted users and drivers.” Furthermore, the two individuals, who are believed to have affected the hack and subsequently requested payment for non-disclosure ultimately received $100,000 from Uber's bug bounty program. These individuals were identified in media as, Vasile Mereacre, a Canadian citizen living in Toronto, and Brandon Glover, a Florida resident, both of whom were later indicted for their breach of Lynda (a company acquired by Linkedin).To read this article in full, please click here | Data Breach Hack | Uber Uber | |
 |
2021-12-24 10:25:00 | Former Uber CSO Faces New Charge for 2016 Breach (lien direct) | US feds accuse Joe Sullivan of using bug bounty to conceal 2016 hack and breach | Hack | Uber Uber | |
 |
2021-02-10 16:48:33 | Researcher manages to hack into 35 tech firms (lien direct) | Security researcher, Alex Birsan had an idea last year while working with Justin Gardner, another researcher. This idea led to him being able to gain access to over 35 major tech companies’ internal systems in a supply chain attack. Among these were Microsoft, Apple, Netflix and Uber. This particular supply chain attack is so sophisticated, […] | Hack | Uber | |
|
2021-02-09 13:04:16 | (Déjà vu) Researcher hacks over 35 tech firms in novel supply chain attack (lien direct) | A researcher managed to hack systems of over 35 major tech companies including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Yelp, Tesla, and Uber in a novel software supply chain attack. For his ethical hacking research efforts, the researcher has been awarded over $130,000 in bug bounties. [...] | Hack | Uber Uber | |
|
2021-02-09 13:04:16 | Researcher hacks Microsoft, Apple, more in novel supply chain attack (lien direct) | A researcher managed to hack systems of over 35 major tech companies including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Yelp, Tesla, and Uber in a novel software supply chain attack. For his ethical hacking research efforts, the researcher has been awarded over $130,000 in bug bounties. [...] | Hack | Uber Uber | |
 |
2020-08-24 15:21:46 | Former Uber Security Chief Charged With Paying Hush Money To Cover Up 2016 Hack (lien direct) | As reported by The Verge, Uber's former security chief has been charged with obstruction of justice for trying to hide a data breach from the Federal Trade Commission and Uber management, according to a statement from the Department of Justice. Joseph Sullivan, who was Uber's chief security officer from April 2015 to November 2017, allegedly concealed … The ISBuzz Post: This Post Former Uber Security Chief Charged With Paying Hush Money To Cover Up 2016 Hack | Data Breach Hack | Uber | |
|
2020-08-21 10:04:22 | Uber ex-security boss accused of covering up hack attack (lien direct) | Joseph Sullivan has been charged with obstruction of justice in the US over a 2016 data breach. | Hack | Uber | |
 |
2020-08-20 20:51:02 | Former Uber CSO charged for 2016 hack cover-up (lien direct) | DOJ officials say former Uber CSO Joe Sullivan lied to management about the security breach and paid hush money to the hackers. | Hack | Uber | |
 |
2020-08-20 16:30:00 | Former Uber CSO Charged in Hack Cover-up (lien direct) | The charges stem from a 2016 attack in which 57 million records were breached. | Hack | Uber | |
 |
2020-07-25 05:22:55 | CarryMinati\'s YouTube Channel Hacked To Stream Bitcoin Scam (lien direct) | Popular Indian roaster and streamer on YouTube, Ajey Nagar, aka CarryMinati is the latest victim of the ongoing BitCoin hack scandal. The hack happened on the second channel of CarryMinati, which goes by the name of CarryisLive, where he streams himself playing video games, often with other YouTubers and celebrities. Just a week ago in […] | Hack | Uber | |
|
2020-07-15 22:11:20 | Several High-Profile Accounts Hacked in the Biggest Twitter Hack of All Time (lien direct) | Social media platform Twitter, earlier today on Wednesday, was on fire after it suffered one of the biggest cyberattacks in its history.
A number of high-profile Twitter accounts, including those of US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple, were breached simultaneously in what's a far-reaching hacking campaign carried out to promote a |
Hack | Uber | |
 |
2020-03-04 12:26:32 | Police raid tech support scam centre who had their CCTV hacked by vigilantes (lien direct) | An indepth investigation by online vigilantes has exposed the activities of an Indian tech support scam centre. Extraordinarily, fraudsters had the tables turned on them as YouTuber Jim Browning was able to hack into the call centre and access recordings of scam phone calls and even watch live CCTV footage exposing the criminals at work. | Hack | Uber | |
 |
2020-01-28 16:53:00 | There\'s no evidence the Saudis hacked Jeff Bezos\'s iPhone (lien direct) | There's no evidence the Saudis hacked Jeff Bezos's iPhone.This is the conclusion of the all the independent experts who have reviewed the public report behind the U.N.'s accusations. That report failed to find evidence proving the theory, but instead simply found unknown things it couldn't explain, which it pretended was evidence.This is a common flaw in such forensics reports. When there's evidence, it's usually found and reported. When there's no evidence, investigators keep looking. Todays devices are complex, so if you keep looking, you always find anomalies you can't explain. There's only two results from such investigations: proof of bad things or anomalies that suggest bad things. There's never any proof that no bad things exist (at least, not in my experience).Bizarre and inexplicable behavior doesn't mean a hacker attack. Engineers trying to debug problems, and support technicians helping customers, find such behavior all the time. Pretty much every user of technology experiences this. Paranoid users often think there's a conspiracy against them when electronics behave strangely, but "behaving strangely" is perfectly normal.When you start with the theory that hackers are involved, then you have an explanation for the all that's unexplainable. It's all consistent with the theory, thus proving it. This is called "confirmation bias". It's the same thing that props up conspiracy theories like UFOs: space aliens can do anything, thus, anything unexplainable is proof of space aliens. Alternate explanations, like skunkworks testing a new jet, never seem as plausible.The investigators were hired to confirm bias. Their job wasn't to do an unbiased investigation of the phone, but instead, to find evidence confirming the suspicion that the Saudis hacked Bezos.Remember the story started in February of 2019 when the National Inquirer tried to extort Jeff Bezos with sexts between him and his paramour Lauren Sanchez. Bezos immediately accused the Saudis of being involved. Even after it was revealed that the sexts came from Michael Sanchez, the paramour's brother, Bezos's team double-downed on their accusations the Saudi's hacked Bezos's phone.The FTI report tells a story beginning with Saudi Crown Prince sending Bezos a message using WhatsApp containing a video. The story goes:The downloader that delivered the 4.22MB video was encrypted, delaying or preventing further study of the code delivered along with the video. It should be noted that the encrypted WhatsApp file sent from MBS' account was slightly larger than the video itself.This story is invalid. Such messages use end-to-end encryption, which means that while nobody in between can decrypt them (not even WhatsApp), anybody with possession of the ends can. That's how the technology is supposed to work. If Bezos loses/breaks his phone and needs to restore a backup onto a new phone, the backup needs to have the keys used to decrypt the WhatsApp messages.Thus, the forensics image taken by the investigators had the necessary keys to decrypt the video -- the investigators simply didn't know about them. In a previous blogpost I explain these magical WhatsApp keys and where to find them so that anybody, even you at home, can forensics their own iPhone, retrieve these keys, and decrypt their own videos. | Hack | Uber | |
|
2019-10-31 22:20:11 | (Déjà vu) Men who were paid $100,000 by Uber to hush-up hack plead guilty to extortion scheme (lien direct) | Two hackers face up to five years in prison after pleading guilty to their involvement in a scheme which saw them attempt to extort money from Uber and LinkedIn in exchange for the deletion of stolen data. Read more in my article on the Tripwire State of Security blog. | Hack Guideline | Uber | |
 |
2019-10-31 18:10:27 | Men paid $100K by Uber to hush up hack plead guilty to extortion scheme (lien direct) | Two hackers face up to five years in prison after pleading guilty to their involvement in a scheme which saw them attempt to extort money from Uber and LinkedIn in exchange for the deletion of stolen data. Twenty-six-year-old Brandon Charles Glover and Vasile Meacre, 23, entered guilty pleas this week at a federal court in […]… Read More | Hack Guideline | Uber | |
|
2018-12-27 03:00:00 | The most interesting and important hacks of 2018 (lien direct) | Each year a few hackers do something new that begs further examination. The general public and Hollywood paints most hackers as these uber-smart people who can take control of entire city's infrastructure and crack any password in seconds. The reality is that most hackers are fairly average people with average intelligence. Most don't do anything new. They just repeat the same things that have worked for years, if not decades, using someone else's tool based on someone else's hack from many years ago. | Hack Tool | Uber | |
|
2018-11-05 02:20:03 | Kemp Cites Voter Database Hacking Attempt, Gives No Evidence (lien direct) | The office of Secretary of State Brian Kemp, who is also the Republican gubernatorial nominee, said Sunday it is investigating the state Democratic Party in connection with an alleged attempt to hack Georgia's online voter database, which is used to check in voters at polling places in the midterm elections. | Hack | Uber | |
|
2018-10-30 03:00:00 | Biggest data breach penalties for 2018 (lien direct) | Uber: $148 million Image by Getty/UberIn 2016 ride-hailing app Uber had 600,000 driver and 57 million user accounts were breached. Instead of reporting the incident the company paid the perpetrator $100,000 to keep the hack under wraps. Those actions, however, cost the company dearly. The company was fined $148 million -- the biggest data-breach payout in history – for violation of state data breach notification laws. |
Data Breach Hack | Uber |
1
We have: 34 articles.
We have: 34 articles.
To see everything:
Our RSS (filtrered)
