Uber: Lapsus$ Targeted Contractor With MFA Bombing Attack | Spell-Check in Google & Microsoft Browsers Leaks Passwords

The ride-sharing giant says a member of the notorious Lapsus$ hacking group started the attack by compromising an external contractor's credentials, as researchers parse the incident for takeaways. [TechWeb]( Follow Dark Reading: [RSS]( September 22, 2022 LATEST SECURITY NEWS & COMMENTARY [Uber: Lapsus$ Targeted External Contractor With MFA Bombing Attack]( The ride-sharing giant says a member of the notorious Lapsus$ hacking group started the attack by compromising an external contractor's credentials, as researchers parse the incident for takeaways. [Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords]( It's called "spell-jacking": Both browsers have spell-check features that send data to Microsoft and Google when users fill out forms for websites or Web services. [15-Year-Old Python Flaw Slithers into Software Worldwide]( An unpatched flaw in more than 350,000 unique open source repositories leaves software applications vulnerable to exploit. The path traversal-related vulnerability is tracked as CVE-2007-4559. [ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat]( Microsoft and VMware are warning that the malware, which first surfaced as a browser-hijacking credential stealer, is now being used to drop ransomware, steal data, and crash systems at enterprises. [Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials]( The attacks showcase broader security concerns as phishing grows in volume and sophistication, especially given that Windows Defender's Safe Links feature for identifying malicious links in emails completely failed in the campaign. [Hacker Pwns Uber Via Compromised VPN Account]( A teen hacker reportedly social-engineered an Uber employee to hand over an MFA code to unlock the corporate VPN, before burrowing deep into Uber's cloud and code repositories. [Attacker Apparently Didn't Have to Breach a Single System to Pwn Uber]( Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to ride-sharing giant's AWS, Windows, Google Cloud, VMware, and other environments. [Threat Actor Abuses LinkedIn's Smart Links Feature to Harvest Credit Cards]( The tactic is just one in a constantly expanding bag of tricks that attackers are using to get users to click on links and open malicious documents. [Microsoft Brings Zero Trust to Hardware in Windows 11]( A stacked combination of hardware and software protects the next version of Windows against the latest generation of firmware threats. [Token-Mining Weakness in Microsoft Teams Makes for Perfect Phish]( Access tokens for other Teams users can be recovered, allowing attackers to move from a single compromise to the ability to impersonate critical employees, but Microsoft isn't planning to patch. [Sophisticated Hermit Mobile Spyware Heralds Wave of Government Surveillance]( At the SecTor 2022 conference in Toronto next month, researchers from Lookout will take a deep dive into Hermit and the shadowy world of mobile surveillance tools used by repressive regimes. [Don't Wait for a Mobile WannaCry]( Attacks against mobile phones and tablets are increasing, and a WannaCry-level attack could be on the horizon. [Ransomware: The Latest Chapter]( As ransomware attacks continue to evolve, beyond using security best practices organizations can build resiliency with extended detection and response solutions and fast response times to shut down attacks. [Cyberattack Costs for US Businesses up by 80%]( Cyberattacks keep inflicting more expensive damage, but firms are responding decisively to the challenge. [Business Application Compromise & the Evolving Art of Social Engineering]( Be wary of being pestered into making a bad decision. As digital applications proliferate, educating users against social engineering attempts is a key part of a strong defense. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [How to Dodge New Ransomware Tactics]( The evolving tactics increase the threat of ransomware operators, but there are steps organizations can take to protect themselves. [5 Best Practices for Building Your Data Loss Prevention Strategy]( The entire security team should share in the responsibility to secure sensitive data. [MORE]( EDITORS' CHOICE [Highlights of the 2022 Pwnie Awards]( Since 2007, the Pwnies have celebrated the good, the bad, and the wacky in cybersecurity. Enjoy some of the best moments of this year's ceremony. LATEST FROM THE EDGE [Tackling Financial Fraud With Machine Learning]( Financial services firms need to learn how — and when — to put machine learning to use. LATEST FROM DR TECHNOLOGY [Note to Security Vendors: Companies Are Picking Favorites]( A stunning three-quarters of companies are looking to consolidate their security products this year, up from 29% in 2020, suggesting fiercer competition among cybersecurity vendors. WEBINARS - [Strategies for DDoS Resilience and Response]( There are few things more disruptive than a distributed denial-of-service (DDoS) attack. The criminals behind these attacks have one objective: to bring everything to a stop so you can't conduct business as usual. How can you ensure business continuity during ... - [Emerging Cyber Vulnerabilities That Every Enterprise Should Know About]( Every day, black hat attackers and white hat researchers are discovering new security vulnerabilities in widely-used systems and applications that might be exploited to compromise your data. Are you aware of the newest-and potentially most impactful-vulnerabilities that have been discovered/... [View More Dark Reading Webinars >>]( WHITE PAPERS - [State of Ransomware Readiness: Facing the Reality Gap]( - [Understanding the Zero Trust Approach]( - [Addressing Cyber Risk Starts with Understanding Cyber Risk]( - [How Hybrid Work Fuels Ransomware Attacks]( - [Your Digital Transformation Is Being Sabotaged - The Surprising Impact of Sophisticated Bots]( - [BotGuard Supplements CDN and WAF Case Study]( - [Achieve Balanced Security and Performance with Next-Generation Software-Defined WAN]( [View More White Papers >>]( FEATURED REPORTS - [Breaches Prompt Changes to Enterprise IR Plans and Processes]( - [Practical Network Security Approaches for a Multicloud, Hybrid IT World]( The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network - [State of the Cloud: A Security Perspective]( Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [New Kaspersky EDR Optimum Further Simplifies Protection Against Evasive Threats]( [ThreatQuotient Enhances Data-Driven Automation Capabilities With New ThreatQ TDR Orchestrator Features]( [SASE Bucks Economic Uncertainty With Over 30% Growth in 2Q 2022, According to Dell'Oro Group]( [Invicti Security and ESG Report on How Companies are Shifting for Higher Quality, Secure Application Code]( [TPx Introduces Penetration Scanning, Expands Security Advisory Services]( [Fortanix Raises $90M in Series C Funding Led by Goldman Sachs Asset Management]( [Byos Releases Free Assessment Tool to Provide Companies With Tailored Network Security Recommendations]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Ransomware Resilience and Response: The Next-Generation]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)