Lucene search
K

378 matches found

Malwarebytes
Malwarebytes
added 2022/07/29 4:44 p.m.15 views

To settle with the DoJ, Uber must confess to a cover-up. And it did.

Uber covered up the 2016 data breach that affected its 57 million customers and drivers. The confession came as part of the settlement between the DOJ US Department of Justice and the taxi company, which will see it avoid criminal prosecution. In a press release from the DOJ, Uber "admits that it...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/29 4:0 p.m.12 views

To settle with the DoJ, Uber must confess to a cover-up. And it did.

Uber covered up the 2016 data breach that affected its 57 million customers and drivers. The confession came as part of the settlement between the DOJ US Department of Justice and the taxi company, which will see it avoid criminal prosecution. In a press release from the DOJ, Uber "admits that it...

7.4AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/26 1:36 p.m.2 views

Malicious code in uber-images (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9dd8d0258403cf035485142912d4cab1fa8404aa0ecadcef51cec2c48994ce27 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/07/26 1:36 p.m.3 views

MAL-2022-6726 Malicious code in uber-images (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9dd8d0258403cf035485142912d4cab1fa8404aa0ecadcef51cec2c48994ce27 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/26 1:36 p.m.2 views

Malicious code in uber-unify (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21e225a3970b7b05148665407d43149de0796a652a40af4f9cb8dfeb3898b82f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/07/26 1:36 p.m.6 views

MAL-2022-6727 Malicious code in uber-unify (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21e225a3970b7b05148665407d43149de0796a652a40af4f9cb8dfeb3898b82f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Hacker One
Hacker One
added 2022/07/26 11:15 a.m.208 views

Uber: Golang expvar Information Disclosure

Package expvar provides a standardized interface to public variables, such as stack trace information and operation counters in servers...

3.6AI score
Exploits0
Fedora
Fedora
added 2022/07/17 1:16 a.m.25 views

[SECURITY] Fedora 35 Update: golang-github-uber-athenadriver-1.1.12-5.fc35

A fully-featured AWS Athena database driver...

9.3CVSS8.2AI score0.05994EPSS
Exploits4
OpenVAS
OpenVAS
added 2022/07/06 12:0 a.m.11 views

Fedora: Security Advisory for golang-github-uber-athenadriver (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05994EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/06 12:0 a.m.15 views

Fedora: Security Advisory for golang-github-uber-jaeger-client (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05994EPSS
Exploits4References2
Fedora
Fedora
added 2022/07/04 1:35 a.m.20 views

[SECURITY] Fedora 36 Update: golang-github-uber-jaeger-client-2.30.0-2.fc36

Instrumentation library that implements an OpenTracing Tracer for Jaeger https://jaegertracing.io...

9.3CVSS8.2AI score0.05994EPSS
Exploits4
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:21 p.m.2 views

Malicious code in uber-i18n (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbcca9f20db138ccc1d9933fcfbdadcf78824e95f8eefca0cfb094f62ca84bdc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/06/14 12:0 a.m.9 views

ai.catboost:catboost-spark_3.1_2.12 (>=1.0.1 <=1.2.8), ai.chronon:aggregator_2.12 (>=0.0.25 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +1301 more potentially affected by CVE-2021-37404 via org.apache.hadoop:hadoop-common (>=3.0.0 <=3.2.2)

org.apache.hadoop:hadoop-common MAVEN version =3.0.0, =1.0.1, =0.0.25, =0.0.25, =0.0.62, =0.0.25, =0.0.86, =thread-pool-0.0.24-dev, =0.0.6, =0.0.2, =3.34.0.3-1-3.1, =0.0.3, =1.0.0, =1.4.0, =1.5.0 and more Source cves: CVE-2021-37404 Source advisory: OSV:GHSA-RMPJ-7C96-MRG8...

9.8CVSS7.2AI score0.02885EPSS
Exploits0
Hacker One
Hacker One
added 2022/04/14 3:58 a.m.55 views

Uber: Full read SSRF in flyte-poc-us-east4.uberinternal.com

Uber summary TBD. @shubs and I discovered an instance of Flyte Console on uberinternal.com. After auditing the open source code, we noticed an unauthenticated route for a “CORS proxy”. This was a classic server-side request forgery issue, allowing us to pass an arbitrary request to be performed b...

5CVSS0.7AI score0.09662EPSS
Exploits0
Hacker One
Hacker One
added 2022/03/01 6:44 p.m.29 views

Uber: Uber Test Report 20220301

Test summary from Team Uber. This is the summary from secret John. This is the edit from hacker John after disclosure was approved. Second test after disclosure...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/01/10 11:58 a.m.18 views

A week in security (January 3 – 9)

Last week on Malwarebytes Labs: Ransomware attacks Finalsite, renders 8,000 school sites unreachable for days Patchwork APT caught in its own web Sophisticated phishing scheme spent years robbing authors of their unpublished work Google and Facebook fined $240 million for making cookies hard to...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2022/01/05 8:49 p.m.16 views

Uber Bug, Ignored for Years, Casts Doubt on Official Uber Emails

A security vulnerability that would allow malicious attackers to send email from Uber’s network appears to be closed – but users could have been swindled already. The easy-to-find bug has been hanging around for years, ready to take Uber’s customers for a ride of a very different sort. According ...

7.2AI score
Exploits0References11
Malwarebytes
Malwarebytes
added 2022/01/05 1:39 p.m.15 views

Careful! Uber flaw allows anyone to send an email from uber.com

On New Years Eve, Seif Elsallamy @0x21SAFE on Twitter, a bug bounty hunter and security researcher, pointed out a phish-worthy security flaw he found on Uber’s email system. The flaw allowed anyone to send emails on behalf of Uber, meaning they would end with "@uber.com", just like the one below:...

7.2AI score
Exploits0
Hacker One
Hacker One
added 2021/10/29 4:8 p.m.31 views

Uber: Exposed Golang Pprof debugger at https://cn-geo1.uber.com/

The Golang pprof debug interface was exposed on an Uber endpoint. This allowed introspection of stack traces, application timing, command line parameters and memory usage...

3.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/24 4:46 p.m.27 views

Uber security alert scam spoofs real Uber number—Watch out!

This morning Malwarebytes Labs received a scam masquerading as a security alert from Uber. The alert was pretty convincing and used the kind of language were used to seeing in genuine security emails and SMS messages. It read: Your Uber account was recently logged into from iPhone in London. If...

6.9AI score
Exploits0
Rows per page
Query Builder