Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2023-01-09 16:16:26 |
Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL (lien direct) |
The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers. [...] |
Malware
|
Uber
|
★★
|
|
2022-12-12 13:30:18 |
Uber suffers new data breach after attack on vendor, info leaked online (lien direct) |
Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. [...] |
Data Breach
Threat
|
Uber
Uber
|
★
|
|
2022-10-13 10:05:10 |
What the Uber Hack can teach us about navigating IT Security (lien direct) |
The recent Uber cyberattack shows us the myriad tactics employed by threat actors to breach corporate networks. Learn more about these tactics used and how to navigate IT Security. [...] |
Hack
Threat
|
Uber
Uber
|
|
|
2022-09-19 14:26:20 |
Uber links breach to Lapsus$ group, blames contractor for hack (lien direct) |
Uber believes the hacker behind last week's breach is affiliated with the Lapsus$ extortion group, known for breaching other high-profile tech companies such as Microsoft, Cisco, Nvidia, Samsung, and Okta. [...] |
Hack
|
Uber
Uber
|
|
|
2022-06-28 06:39:23 |
Over 900,000 Kubernetes instances found exposed online (lien direct) |
Over 900,000 misconfigured Kubernetes clusters were found exposed on the Internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks. [...] |
|
Uber
|
|
|
2022-02-04 10:43:31 |
Argo CD vulnerability leaks sensitive info from Kubernetes apps (lien direct) |
A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys. [...] |
Vulnerability
|
Uber
|
|
|
2022-01-25 11:56:28 |
Linux kernel bug can let hackers escape Kubernetes containers (lien direct) |
A vulnerability affecting Linux kernel and tracked as CVE-2022-0185 can be used to escape Kubernetes containers, giving access to resources on the host system. [...] |
Vulnerability
|
Uber
|
|
|
2022-01-02 09:48:35 |
(Déjà vu) Uber ignores vulnerability that lets you send any email from Uber.com (lien direct) |
A vulnerability in Uber's email system allows just about anyone to send emails on behalf of Uber. Uber is aware of the flaw but has decided not to fix it for now. [...] |
Vulnerability
|
Uber
Uber
|
|
|
2022-01-02 09:48:35 |
Uber dismisses vulnerability that lets you email anyone as Uber! (lien direct) |
A vulnerability in Uber's email system allows just about anyone to send emails on behalf of Uber. Uber is aware of the flaw but has decided not to fix it. [...] |
Vulnerability
|
Uber
Uber
|
|
|
2021-10-20 11:49:39 |
Google: YouTubers\' accounts hijacked with cookie-stealing malware (lien direct) |
Google says YouTube creators have been targeted with password-stealing malware in phishing attacks coordinated by financially motivated threat actors since at least late 2019. [...] |
Malware
|
Uber
|
|
|
2021-08-04 01:02:03 |
NSA and CISA share Kubernetes security recommendations (lien direct) |
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published comprehensive recommendations for strengthening the security of an organization's Kubernetes system. [...] |
|
Uber
|
|
|
2021-07-23 11:27:27 |
Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows (lien direct) |
Threat actors are abusing misconfigured Argo Workflows instances to deploy cryptocurrency miners on Kubernetes (K8s) clusters. [...] |
Threat
|
Uber
|
|
|
2021-07-07 14:31:10 |
White House urges mayors to review local govts\' cybersecurity posture (lien direct) |
Following recent ransomware attacks, Deputy National Security Advisor Anne Neuberger asked US mayors to immediately hold a meeting with the heads of state agencies to evaluate their cybersecurity posture. [...] |
Ransomware
|
Uber
|
|
|
2021-07-01 11:00:00 |
NSA: Russian GRU hackers use Kubernetes to run brute force attacks (lien direct) |
The National Security Agency (NSA) warns that Russian nation-state hackers are conducting brute force attacks to access US networks and steal email and files. [...] |
|
Uber
|
|
|
2021-06-09 13:05:29 |
Microsoft warns of cryptomining attacks on Kubernetes clusters (lien direct) |
Microsoft warns of an ongoing series of attacks compromising Kubernetes clusters running Kubeflow machine learning (ML) instances to deploy malicious containers that mine for Monero and Ethereum cryptocurrency. [...] |
|
Uber
|
|
|
2021-06-07 06:51:59 |
New Kubernetes malware backdoors clusters via Windows containers (lien direct) |
New malware active for more than a year is compromising Windows containers to compromise Kubernetes clusters with the end goal of backdooring them and paving the way for attackers to abuse them in other malicious activities. [...] |
Malware
|
Uber
|
|
|
2021-06-03 09:56:30 |
White House urges businesses to "take ransomware crime seriously" (lien direct) |
The White House has urged business leaders and corporate executives to "take ransomware crime seriously" in a letter issued by Anne Neuberger, the National Security Council's chief cybersecurity adviser. [...] |
Ransomware
Guideline
|
Uber
|
|
|
2021-02-09 13:04:16 |
(Déjà vu) Researcher hacks over 35 tech firms in novel supply chain attack (lien direct) |
A researcher managed to hack systems of over 35 major tech companies including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Yelp, Tesla, and Uber in a novel software supply chain attack. For his ethical hacking research efforts, the researcher has been awarded over $130,000 in bug bounties. [...] |
Hack
|
Uber
Uber
|
|
|
2021-02-09 13:04:16 |
Researcher hacks Microsoft, Apple, more in novel supply chain attack (lien direct) |
A researcher managed to hack systems of over 35 major tech companies including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Yelp, Tesla, and Uber in a novel software supply chain attack. For his ethical hacking research efforts, the researcher has been awarded over $130,000 in bug bounties. [...] |
Hack
|
Uber
Uber
|
|
|
2020-12-08 09:20:00 |
All Kubernetes versions affected by unpatched MiTM vulnerability (lien direct) |
The Kubernetes Product Security Committee has provided advice on how to temporarily block attackers from exploiting a vulnerability that could enable them to intercept traffic from other pods in multi-tenant Kubernetes clusters in man-in-the-middle (MiTM) attacks. [...] |
Vulnerability
|
Uber
|
|
|
2020-07-10 14:06:37 |
(Déjà vu) Uber Eats outage in multiple countries, \'Internal Server Error" reports (lien direct) |
The Uber Eats food delivery service is having an outage in multiple countries that is preventing orders from being placed in the app. [...] |
|
Uber
|
★★
|
|
2020-07-10 14:06:37 |
Uber Eats outage reported in multiple countries (lien direct) |
The Uber Eats food delivery service is having an outage in multiple countries that is preventing orders from being placed in the app. [...] |
|
Uber
|
|
|
2019-10-02 12:59:59 |
Zendesk Security Breach May Impact Orgs Like Uber, Slack, and FCC (lien direct) |
Customer service software company Zendesk is sending users notifications regarding a security incident that might have impacted roughly 10,000 Zendesk Support and Chat accounts activated prior to November 1, 2016. [...] |
|
Uber
|
|
|
2019-08-20 11:15:02 |
Severe Flaws in Kubernetes Expose All Servers to DoS Attacks (lien direct) |
Two high severity security flaws impacting the Kubernetes open-source system for handling containerized apps can allow an unauthorized attacker to trigger a denial of services state remotely, without user interaction. [...] |
|
Uber
|
|
|
2019-06-20 16:30:04 |
Epic Games Sues YouTuber CBV for Selling Fortnite Cheats (lien direct) |
In a lawsuit filed Tuesday, Epic Games is suing a YouTuber who goes by the name CBV for allegedly selling cheats Fornite and ruining the game for other users. [...] |
|
Uber
|
|
|
2019-05-08 03:10:00 |
Scammers Try to Trick YouTubers Into Giving Up Password (lien direct) |
A scammer looking to take over a YouTube account got a big fat nothing by targeting the owner of a channel that saw right through the fraud and spread the word about the attempt. [...] |
|
Uber
|
|
|
2019-02-15 13:16:02 |
Ai-Powered Website Generates Realistic Human Faces On the Spot (lien direct) |
A website created by Philip Wang, an Uber software engineer, and hosted at thispersondoesnotexist.com allows its visitors to generate realistic looking human faces of people that do NOT actually exist each time they hit the Refresh button. [...] |
|
Uber
|
|
|
2019-02-11 14:10:01 |
RunC Vulnerability Gives Attackers Root Access on Docker, Kubernetes Hosts (lien direct) |
A container breakout security flaw found in the runc container runtime allows malicious containers to overwrite the host runc binary and gain root-level code execution on the host machine. [...] |
Vulnerability
|
Uber
|
|
|
2018-12-04 11:12:03 |
Kubernetes Updates Patch Critical Privilege Escalation Bug (lien direct) |
A critical vulnerability in Kubernetes open-source system for handling containerized applications can enable an attacker to gain full administrator privileges on Kubernetes compute nodes. [...] |
Vulnerability
|
Uber
|
|
|
2018-11-27 08:21:04 |
Uber Fined for Covering Up 2016 Data Breach (lien direct) |
The time has come for Uber to pay the piper for the data breach two years ago that leaked personal details of 57 million users and drivers as two data protection offices in Europe set fines that collectively amount to over 1 million euros. [...] |
Data Breach
|
Uber
|
★★
|
|
2018-03-22 15:10:01 |
CoinMiner Campaigns Move to the Cloud via Docker, Kubernetes (lien direct) |
After becoming a scourge inside browsers, on desktops, and on servers, cryptocurrency-mining malware is now invading the cloud, and it appears to be quite successful. [...] |
|
Uber
|
|
|
2018-03-19 17:00:05 |
Uber Self-Driving Car Strikes and Kills Arizona Woman (lien direct) |
An Uber self-driving car has struck and killed a woman pedestrian in Tempe, Arizona, the company has revealed today. [...] |
|
Uber
|
|
|
2017-12-18 00:30:00 |
Hacker "Courvoisier" Pleads Guilty to Attacks on Uber, Groupon, T Mobile, Others (lien direct) |
A UK man living in a caravan park has pleaded guilty last week to cyber-attacks on 17 websites and selling stolen user information on the Dark Web. [...] |
Guideline
|
Uber
|
|
|
2017-11-21 19:16:44 |
Uber Supposedly Paid Hackers $100,000 to Keep Quiet About a 2016 Data Breach (lien direct) |
Uber confirmed that hackers breached some part of its network in October 2016 and made off with personal data for 50 million users and 7 million drivers. [...] |
|
Uber
|
|
|
2017-08-13 01:00:00 |
GoDaddy Has the Best Password Practices, Netflix, Spotify, Uber Have the Worst (lien direct) |
The team at Dashlane — a password manager app — has analyzed the password policies of 40 popular online services and has discovered that not all websites are alike when it comes to password security, but some are worse than others. [...] |
|
Uber
|
|
|
2017-06-26 13:12:25 |
Chrome Beats Edge in Independent Battery Life Test Despite Microsoft\'s Claims (lien direct) |
A YouTuber has taken it into his hands to resolve the silent war over battery life benchmarks currently raging between Microsoft, Google, and Opera. [...] |
|
Uber
|
|
|
2017-02-13 01:00:00 |
Man Sues Uber After iOS App Bug Exposes His Affair (lien direct) |
A French man is suing ride-sharing service Uber for €45 million after a bug in the company's iOS app sent notifications to his wife's phone, which exposed his affair and led to the couple's divorce. [...] |
|
Uber
|
|