Daily Tech News, Interviews, Reviews and Updates

Uber which drives the world to its destination is being driven by hackers nowadays

Ride-share company Uber has brought startling news to customers in which it confirmed the hacking of its internal system and the company’s account of multiple third-party systems. 

In a report, the New York Times mentioned that Uber was investigating the compromise of its internal system. They have tried to arrange meetings with their engineers in offline mode. As many of their employees have confirmed the access of slack accounts of Uber employees to hackers that is a thing to worry for them. 

This whole series of events has shaken the whole Uber to its core. Uber confirmed this hacking. Several security researchers have confirmed the contact access with hackers. 

“We are currently responding to a cyber security incident. We are in touch with law enforcement and will post additional updates here as they become available,” Uber’s communications team wrote on Twitter.

The extent of compromise done by hackers is known yet but the screenshot posted by the actor, indicate they have access to Uber’s administrative account on third-party services.

“We’re in close contact with Uber’s security team, have locked their data down, and will continue to assist with their investigation,” said Chris Evans, CISO for HackerOne.

Corben Leo, a security researcher, and chief marketing officer at Zellic, told SC Media that he learned directly from the hacker that the individual phished an Uber employee to gain access to Uber’s corporate VPN. From there, they were able to scan Uber’s internal corporate network, where they found administrative user credentials for Uber’s Thycotic account, a privileged access management system, through a shared network resource.

“Using this they were able to access Uber’s AWS environment, GSuite, Duo (can thus bypass 2FA for anything), OneLogin, get Domain Admin, etc.,” Corben said through a Twitter direct message.

Leo told SC Media that he had not tried after that to make any contact with hackers. 

Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More
You might also like

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More