Tag: breach
Uber blames security breach on Lapsus$, says it bought credentials on the dark web
What Uber’s data breach reveals about social engineering
Uber confirms “cybersecurity incident” after 18-year-old claimed to be behind massive breach
The New York Times reports that the hacker used a common social engineering technique to access Uber’s systems. He sent a text message to one of the ride-hailing giant’s employees claiming to be a corporate IT person. The worker was persuaded to hand over their password, granting the perpetrator access…
Uber Investigating Computer System Breach – CNET
Breach of Software Maker Used To Backdoor Ecommerce Servers
“We are still investigating how the attacker accessed our systems and are not currently sure whether it was via a server exploit or an application exploit,” Ben Tideswell, the lead developer at FishPig, wrote in an email. “As for the attack itself, we are quite used to seeing automated exploits of applications and perhaps that is how the attackers initially gained access to our system. Once inside though, they must have taken a manual approach to select where and how to place their exploit.”
FishPig is a seller of Magento-WordPress integrations. Magento is an open source e-commerce platform used for developing online marketplaces. The supply-chain attack only affects paid Magento 2 modules. Tideswell said the last software commit made to its servers that didn’t include the malicious code was made on August 6, making that the earliest possible date the breach likely occurred. Sansec, the security firm that discovered the breach and first reported it, said the intrusion began on or before August 19. Tideswell said FishPig has already “sent emails to everyone who has downloaded anything from FishPig.co.uk in the last 12 weeks alerting them to what’s happened.” Tideswell declined to say how many active installations of its paid software there are. This post indicates that the software has received more than 200,000 downloads, but the number of paid customers is smaller. In a disclosure published after the Sansec advisory, FishPig describes how the intruders pulled off the intrusion and remained hidden for so long.
Read more of this story at Slashdot.
TikTok denies security breach after hackers claim to have records of more than a billion users
TikTok has denied a security breach after posts on hacking forums claimed to have compromised the app’s source code, as well as account details of potentially billions of people. In a statement posted to Twitter, the company said it “found no evidence of a breach,” following an investigation of the claims. The company also told Bloomberg UK that the alleged source code posted by the hackers “is completely unrelated to TikTok’s backend source code.”
Claims of a potential breach had been circulating among the security community after a post on a hacking forum claimed to be in possession of a database with more than two billion entries related to TikTok and WeChat accounts. The hacking group claimed to have obtained the TikTok records from an insecure cloud server.
The supposed hackers published a sample of the TikTok data but, as security researcher Troy Hunt pointed out, it contained data that was already publicly accessible and thus “could have been constructed without breach.” Hunt, who runs the “haveibeenpwned” service, said the data was overall “pretty inconclusive.”
TikTok prioritizes the privacy and security of our users’ data. Our security team investigated these claims and found no evidence of a security breach. https://t.co/TdCZDUFLPN
— TikTokComms (@TikTokComms) September 5, 2022
While TikTok has strongly denied a breach, the info in the database could have come from other means. As Bleeping Computer notes, it could be the result of a data broker or some other third-party that scraped publicly-available data from the service.
Claims of a security breach come just days after Microsoft researchers disclosed that they had found a “high-severity vulnerability” in TikTok’s Android app that put millions of accounts at risk. Microsoft said the vulnerability was fixed less than a month after it alerted TikTok to the issue in February of 2022. TikTok has long faced questions about its security practices and what user data is shared with parent company ByteDance. The company said last month that Oracle would review its algorithms and content moderation systems in an effort to assuage concerns.
Samsung says a data breach revealed some customers’ names, birthdays, and more
Samsung is warning customers about a cybersecurity incident in July, where “an unauthorized third party acquired information from some of Samsung’s U.S. systems,” including things like names, birthdays, contact info, and product registration information. The company says it discovered the breach on August 4th, and is currently investigating it with “a leading outside cybersecurity firm.”
According to the company’s FAQ about the incident, it’s sending emails to customers who were specifically affected, and it will continue doing so as its investigation progresses. Samsung says that not everybody will have had the same info leaked. The company didn’t immediately reply to The Verge’s request for comment on which of its systems were…
Samsung says hackers obtained some customer data in newly disclosed breach
Samsung has disclosed another cybersecurity incident. While an intrusion earlier this year led to hackers getting their hands on Galaxy source code, this time around, attackers obtained some customers’ personal information.
The company says that Social Security numbers, as well as credit and debit card numbers, were not accessed. However, the event “may have affected information such as name, contact and demographic information, date of birth and product registration information.” It hasn’t revealed how many people may have been affected. The company is notifying some customers directly via email.
Samsung says someone gained unauthorized access to its systems in late July. It determined in early August that the attacker had obtained customer data, but consumer devices weren’t affected. The company said it has taken steps to secure its systems and that it brought in a third-party cybersecurity firm. It’s also in communication with law enforcement.
In an FAQ, Samsung said it’s not necessary for customers to take immediate action based on what it has learned so far in its investigation. Still, it suggested that people exercise caution if they receive unsolicited emails and to review their accounts for signs of suspicious activity.
“We are committed to protecting the security and privacy of our customers,” Samsung said. “We will continue to work diligently to develop and implement immediate and longer-term next steps to further enhance the security across our systems.”
Arm Sues Qualcomm and Nuvia For Breach of License and Trademark
The lawsuit represents a major break between Qualcomm and Arm, one of its most important technology partners that Qualcomm relied on for years after Qualcomm stopped work on designing its own custom computing cores. But the two companies have been at odds for years, with some inside Qualcomm complaining privately that Arm’s slackening pace of innovation is causing Qualcomm’s chips to fall behind Apple’s processors in performance. Qualcomm bought Nuvia — a firm founded by former Apple chip architects — to reboot its efforts to make custom computing cores that would be different from standard Arm designs used by rivals such as Taiwan chip designer MediaTek.
Read more of this story at Slashdot.