378 matches found
Uber: pam_ussh does not properly validate the SSH certificate authority
The pamussh module that Uber open-sourced in https://github.com/uber/pam-ussh does not validate that the SSH certificate presented by a user is actually signed by a trusted CA listed in the configured cafile...
Phone Cloning Scam
A newspaper in Malaysia is reporting on a cell phone cloning scam. The scammer convinces the victim to lend them their cell phone, and the scammer quickly clones it. Whats clever about this scam is that the victim is an Uber driver and the scammer is the passenger, so the driver is naturally busy...
Uber: Chain of IDORs Between U4B and Vouchers APIs Allows Attackers to View and Modify Program/Voucher Policies and to Obtain Organization Employees' PII
The security researchers discovered a number of connected IDORs in the Uber business and voucher applications. By chaining these vulnerabilities together, the researchers could retrieve information related to existing voucher policies and modify those policies for monetary gain, such as for free...
Uber: Chain of vulnerabilities in Uber for Business Vouchers program allows for attacker to perform arbitrary charges to victim's U4B payment account
We have determined that through a chain of 3 vulnerabilities, it is possible for any U4B user to apply credit card charges or holds to any business using the Vouchers site. These charges originate from Uber and are unsolicited by the victim business, and can be made in any amount of the attacker'...
Uber: 4 Subdomains Takeover on 2 domains ( muberscolombia.com & ubereats.pl )
The host at https://muberscolombia.com/ and http://sklep.ubereats.pl/ had a dangling record pointing to unclaimed Wix and Shoplo assets. The hacker registered the latter, and claimed ownership of the resource...
Uber: IDOR leads to leak analytics of any restaurant
The GraphQL service at https://restaurant.uber.com, did not properly perform an authZ check, allowing an attacker to obtain detailed sales statistics, etc for any restaurant. Writeup at https://0xprial.com/idor-leads-to-leak-any-uber-eats-restaurant-analytics/...
Dependency Confusion Supply-Chain Attack Hit Over 35 High-Profile Companies
In what's a novel supply chain attack, a security researcher managed to breach over 35 major companies' internal systems, including that of Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, and achieve remote code execution. The technique, called dependency confusion or a...
SQL injection vulnerability in the ne***.asp page of the website building system of Ruian Uber Technology Co. Ltd (CNVD-2021-15513)
Ltd. is a social mass to provide web design and production, Baidu / Google SEO optimization and promotion, cell phone website, WeChat public platform, foreign trade monitoring enterprise mailboxes and other network information consulting services, product albums catalogs, corporate CD-ROM design...
SQL injection vulnerability in the ne***.asp page of the website builder system of Ruian Uber Technology Co.
Ltd. is a social public to provide web design and production, Baidu / Google SEO optimization and promotion, cell phone website, WeChat public platform, foreign trade monitoring enterprise mailboxes and other network information consulting services, product albums catalogs, corporate CD-ROM desig...
SQL injection vulnerability in the ne***.asp page of the website building system of Ruian Uber Technology Co. Ltd (CNVD-2021-15514)
Ltd. is a social public to provide web design and production, Baidu / Google SEO optimization and promotion, cell phone website, WeChat public platform, foreign trade monitoring enterprise mailboxes and other network information consulting services, product albums catalogs, corporate CD-ROM desig...
SQL injection vulnerability in the pr***.asp page of the website building system of Ruian Uber Technology Co. Ltd (CNVD-2021-15516)
Ltd. is a social public to provide web design and production, Baidu / Google SEO optimization and promotion, cell phone website, WeChat public platform, foreign trade monitoring enterprise mailboxes and other network information consulting services, product albums catalogs, corporate CD-ROM desig...
Code Injection in uber/petastorm
Description Petastorm is an open source data access library developed at Uber ATG. This library enables single machine or distributed training and evaluation of deep learning models directly from datasets in Apache Parquet format. Petastorm supports popular Python-based machine learning ML...
Uber: Corss-Tenant IDOR on Business allowing escalation privilege, invitation takeover, and edition of any other Businesses' employees
A Business employee with the user role was able to escalate their privilege to admin using a crafted request to the https://business.uber.com/rpc?rpc=updateEmployees endpoint, as long as the employeeUuid is known...
APKLab - Android Reverse Engineering WorkBench For VS Code
APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE. Features Decode all the resources from an APK Disassemble the APK to Dalvik bytecode aka Smali...
Uber: Request Access for Uber Device Returns Management Platform (https://www.eats-devicereturns.com/request-access/) Bypass Allows Access to PII
The hacker identified a registration page on a website ran by a 3rd party for Uber for managing Uber Eats devices, for example devices' returns when they stop working. Due to the authentication not being integrated with Uber's central authentication, the website was interesting. Although the...
Uber: RCE via npm misconfig -- installing internal libraries from the public registry
The hacker spotted some orphaned references to Uber-branded Node.js library packages and claimed them on the public NPM registry to run their own proof-of-concept code. Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies...
Uber: Unrestricted File Upload Results in Cross-Site Scripting Attacks
It was found that an attacker can upload any type of file including HTML files when adding a menu during the onboarding process after signing up at https://www.ubereats.com/restaurant/en-CA/signup. The hacker identified a file upload endpoint used by restaurants applying for Uber Eats which was...
Ex-Uber CSO Joseph Sullivan charged over 2016 data breach cover up
By Zara Khan Joseph Sullivan also paid hackers $100,000 in Bitcoin. This is a post from HackRead.com Read the original post: Ex-Uber CSO Joseph Sullivan charged over 2016 data breach cover up...
A Former Uber Exec's Indictment Is a Warning Shot
Prosecutors allege that former Uber security chief Joseph Sullivan covered up a major breach, in the first high-profile case of its kind...
Former Uber CSO Charged With Paying ‘Hush Money’ in 2016 Breach Cover-Up
A former Uber security executive has been charged for his role in the cover-up of a massive 2016 data breach, in which attackers accessed the company’s Amazon Web Services accounts and stole data associated with 57 million passengers and drivers. The U.S. State Attorney for the Northern District ...