Security
Headlines
HeadlinesLatestCVEs

Tag

#google

Uber Claims No Sensitive Data Exposed in Latest Breach… But There's More to This

Uber, in an update, said there is "no evidence" that users' private information was compromised in a breach of its internal computer systems that was discovered late Thursday. "We have no evidence that the incident involved access to sensitive user data (like trip history)," the company said. "All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational."

The Hacker News
#vulnerability#google#cisco#intel#aws#auth#The Hacker News
CVE-2022-35986: Fix RaggedBincount Segmentation Fault from the Splits arg · tensorflow/tensorflow@7a4591f

TensorFlow is an open source platform for machine learning. If `RaggedBincount` is given an empty input tensor `splits`, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

The Uber Hack’s Devastation Is Just Starting to Reveal Itself

An alleged teen hacker claims to have gained deep access to the company’s systems, but the full picture of the breach is still coming into focus.

Attacker Apparently Didn't Have to Breach a Single System to Pwn Uber

Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to ride-sharing giant's AWS, Windows, Google Cloud, VMware, and other environments.

GHSA-p2g7-xwvr-rrw3: Helm Controller denial of service

Helm controller is tightly integrated with the Helm SDK. [A vulnerability](https://github.com/helm/helm/security/advisories/GHSA-7hfp-qfw3-5jxh) found in the Helm SDK allows for specific data inputs to cause high memory consumption, which in some platforms could cause the controller to panic and stop processing reconciliations. ### Impact In a shared cluster multi-tenancy environment, a tenant could create a HelmRelease that makes the controller panic, denying all other tenants from their Helm releases being reconciled. ### Credits The initial crash bug was reported by [oss-fuzz](https://github.com/google/oss-fuzz). The Flux Security team produced the first exploit and worked together with the Helm Security team to ensure that both projects were patched timely. ### For more information If you have any questions or comments about this advisory: - Open an issue in any of the affected repositories. - Contact us at the CNCF Flux Channel. ### References - https://bugs.chromium.org/p/...

Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials

The attacks showcase broader security concerns as phishing grows in volume and sophistication, especially given that Windows Defender's Safe Links feature for identifying malicious links in emails completely failed in the campaign.

Threat Roundup for September 9 to September 16

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 9 and Sept. 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats. As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of the date of publication. Additionally, please keep in mind that IOC searching is only one part of threat hunting. Spotting a single IOC does not necessarily indicate maliciousness. Detection and coverage for the following threats is subject to updates, pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net. For each threat described below, this blog post only lists ...

GHSA-3633-5h82-39pq: Improper handling of different key IDs for the same public keys in attacker-controlled metadata

### Issue If an attacker is able to control a threshold of keys to insert the same public key more than once with different key IDs into signed, trusted metadata on a TUF repository, then go-tuf [clients](https://github.com/theupdateframework/go-tuf#client) < [0.3.2](https://github.com/theupdateframework/go-tuf/releases/tag/v0.3.2) are susceptible to an attack where attackers can cause the same signature from the same public key to be counted more than once against the threshold of signatures because they were mistakenly distinguished due to having different key IDs. For example, suppose that in the root metadata file, there were a threshold of 2 self-signatures required from 2 different keys $K_A$ and $K_B$ belonging to Alice and Bob respectively. Bob has either mistakenly or maliciously produced a signed a malicious version of the root metadata file where Alice's key is listed once with the keyid $SHA2_{256}(K_A)$, but his public key is listed twice, once with the keyid $SHA2_{256}...

Akamai Mitigated Record-Breaking DDoS Attack Against European Customer

By Waqas Threat actors managed to target more than 1,800 IP addresses of a single organization, and the DDoS attack was dispersed at six different locations. This is a post from HackRead.com Read the original post: Akamai Mitigated Record-Breaking DDoS Attack Against European Customer

Hacker Pwns Uber Via Compromised VPN Account

A teen hacker reportedly social-engineered an Uber employee to hand over an MFA code to unlock the corporate VPN, before burrowing deep into Uber's cloud and code repositories.