• CERTIFICATE
    • Eminent CIOs of India
    • Most Trusted Companies
    • Most Admired Brands
    • The most influential CMOs
  • SYNDICATION
    • AMD
    • DELL TECHNOLOGIES
    • HITACHI
    • LOGMEIN
    • MICROSOFT
    • RIVERBED
    • STORAGECRAFT
    • THALES
  • EVENTS
  • GO DIGITAL
  • INFOGRAPHICS
  • PRESS
    • Press Release PR News Wire
    • Press Release Business Wire
    • GlobeNewsWire
  • SPECIAL
    • WHITE PAPER
    • TECHNOMANIA
    • SME
    • SMART CITY
    • SERVICES
    • EDITOR SPEAK
    • CSR INITIATIVES
    • CHANNEL GURU
    • CHANNEL CHIEF
    • CASE STUDY
  • TECHTREND
    • VAR PANCHAYAT
    • TELECOM
    • SOFTWARE
    • POWER
    • PERIPHERALS
    • NETWORKING
    • LTE
    • CHANNEL BUZZ
    • ASK AN EXPERT
  • SUBSCRIBE
  • Apps
  • Game
  • KDS
  • Security
  • Telecom
  • WFH
  • Subscriber to Newsletter
  • August Issue
  • Blogs
  • Vlogs
  • Faceoff
SNA

HOME
NEWS

Uber’s security breach teaches us many hidden things

Uber’s security breach teaches us many hidden things

The user of the smartphones has to be smart enough on how and what to see in the smartphone . If you are not smart enough, you may land up in a great disaster. Your entire earned amount can be taken out in few seconds. That’s one pretty big reason why the Uber security breach is such a big deal.

 

A 18 year old hacker has involved in mass-scale attacks to Uber. He successfully obtaining the employee’s account password, the hacker tricked the employee into approving a push notification for multifactor authentication. The intruder then uncovered administrative credentials that gave access to some of Uber’s crown-jewel network resources. Uber responded by shutting down parts of its internal network while it investigates the extent of the breach.

 

We put a lot of trust into companies with our data. Some security breaches can ruin lives if the data falls into the wrong hands, and if I had an Uber account that I had used more than once, I’d be worried about what information may now be out there on the internet. There’s no telling what was stolen, as treasure troves of data like that can be sold for a lot of money on the underground market. Even if your smartphone is secure with a password, you’re putting a lot of trust in your phone’s security systems.

 

Only recently was a vulnerability in the Titan M security chip (found in Google Pixel phones) fixed in an Android security patch update, and it allowed for escalation of privilege with “user interaction not needed for exploitation”. Researchers were then able to extract cryptographic keys that should never leave the device.

 

Uber's breach taught us to re-evaluate the companies that you trust. The screenshots provided evidence that the individual had access to assets, including Uber’s Amazon Web Services and G Suite accounts and code repositories.

 

In other words, Uber’s breach should be a call to re-evaluate the companies that you trust, and with what data. While we don’t fully know the scope of that breach just yet, it was only a matter of time before a company had a breach of this potential scale.

 

While companies are expected to follow best practices in storing user data (including hashing and salting user passwords, credit cards, and more), you’re putting a lot of trust in companies to have followed those best practices. Even if a company claims to have encrypted those passwords, that doesn’t mean you’re safe forever if that data leaks.

 

Uber had MFA, short for multifactor authentication, in place in the form of an app that prompts the employee to push a button on a smartphone when logging in. To bypass this protection, the hacker repeatedly entered the credentials into the real site. The employee, apparently confused or fatigued, eventually pushed the button. With that the attacker was in.

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Quick Heal, SEQRITE and Tata Tele Business Services together to offer cybersecurity solutions to Enterprise customers
Technology

Quick Heal, SEQRITE and Tata Tele Business Services together to offer cybersecurity solutions to Enterprise customers

by VARINDIA 2023-09-22
Sophos outperforms in MITRE Engenuity ATT&CK Evaluations
Technology

Sophos outperforms in MITRE Engenuity ATT&CK Evaluations

by VARINDIA 2023-09-21
Cisco announces Secure Application, offers expanded visibility and intelligent business risk insights
Technology

Cisco announces Secure Application, offers expanded visibility and intelligent business risk insights

by VARINDIA 2023-09-15
SOFTWARE
View All
Elastic launches AI Assistant for Observability, general availability of Universal Profiling
Technology

Elastic launches AI Assistant for Observability, general availability of Universal Profiling

by VARINDIA 2023-09-21
Red Hat together with Intel to deliver Open Source Industrial Automation
Technology

Red Hat together with Intel to deliver Open Source Industrial Automation

by VARINDIA 2023-09-21
Dell intros latest generation of VxRail
Technology

Dell intros latest generation of VxRail

by VARINDIA 2023-09-20
START - UP
View All
Datacultr expands its reach to LATAM and Africa Regions
Technology

Datacultr expands its reach to LATAM and Africa Regions

by VARINDIA 2023-09-05
Indium Software Recognized as One of America's Fastest-Growing Technology Companies
Technology

Indium Software Recognized as One of America's Fastest-Growing Technology Companies

by VARINDIA 2023-08-21
HC dismisses Indian startups plea against Google's billing policy
Technology

HC dismisses Indian startups plea against Google's billing policy

by VARINDIA 2023-08-05

Tweets From @varindiamag

Nothing to see here - yet

When they Tweet, their Tweets will show up here.

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
Accenture Invests in Writer to Accelerate Enterprise Use of Generative AI

Accenture Invests in Writer to Accelerate Enterprise Use of Generative AI

by VARINDIA
VIAVI wins funding for three projects in DSIT ONE competition

VIAVI wins funding for three projects in DSIT ONE competition

by VARINDIA
Comviva partners with XoXoday to revolutionize loyalty experiences

Comviva partners with XoXoday to revolutionize loyalty experiences

by VARINDIA
ManageEngine Named a Challenger in the 2023 Gartner® Magic Quadrant™ for PAM

ManageEngine Named a Challenger in the 2023 Gartner® Magic Quadrant™ for PAM

by VARINDIA
Standard Chartered Bank teams up with Cummins Technologies to digitalise incentive payments to mechanics

Standard Chartered Bank teams up with Cummins Technologies to digitalise incentive payments to mechanics

by VARINDIA
Genesys and Salesforce announce AI-powered customer experience solution

Genesys and Salesforce announce AI-powered customer experience solution

by VARINDIA
GIGABYTE rolls out two White Motherboards

GIGABYTE rolls out two White Motherboards

by VARINDIA
HCLTech to help Elders in its next phase of digital transformation

HCLTech to help Elders in its next phase of digital transformation

by VARINDIA
Tech Mahindra announces generative AI powered Ops amplifAIer for IT support engineers

Tech Mahindra announces generative AI powered Ops amplifAIer for IT support engineers

by VARINDIA
Apollo Hospitals partners with Google Cloud to boost India’s healthcare ecosystem

Apollo Hospitals partners with Google Cloud to boost India’s healthcare ecosystem

by VARINDIA
×

Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.

  • Distributors & VADs
  • Industry Associations
  • Telco's in India
  • Indian Global Leaders
  • Edit Calendar
  • About Us
  • Advertise Us
  • Contact Us
  • Disclaimer
  • Privacy Statement
  • Sitemap

Copyright varindia.com @1999-2023 - All rights reserved.