Uber hacked, internal systems breached and vulnerability reports stolen

Here is the latest phishing attack on GitHub users, which is most likely able to bypass MFA via authentication apps. So I'm guessing hackers make use of advanced MITM phishing tools like Evilginx2 for example, see link 2.

https://github.blog/2022-09-21-security-alert-new-phishing-campaign-targets-github-users/
https://www.netskope.com/blog/multi...ss-through-man-in-the-middle-phishing-attacks

 

"GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform...

Phishing messages claims that a user’s CircleCI session expired and attempt to trick recipients into logging in using GitHub credentials...

Recipients are redirected to the phishing pages mimicking GitHub login page designed to steal in real-time the credentials and 2FA code entered by the users...

Below is a list of known phishing domains that were used as part of this campaign:
circle-ci[.]com
emails-circleci[.]com
circle-cl[.]com
email-circleci[.]com..."

https://securityaffairs.co/wordpress/136211/hacking/phishing-circleci-github-accounts.html

 

It's being reported the same 17 year-old responsible for the GTA6 hack and Uber's also did Microsoft's, Samsung's and two others back in March. He's been described as "autistic" and is worth as much as 14 million US bucks.

The Twitter post can link directly to the source-article. They say he's also charged with two violations of his bail conditions--well..yeah.

https://twitter.com/GossiTheDog/status/1574496065646215178

 

Yes but that's the thing, these kids weren't even that smart or anything, even we could have pulled off these hacks if you look at the relatively simple techniques that were used to hack most of these companies, that's the shocking part. It has opened my eyes, the state of IT security at many of the big companies is pretty much a joke. I don't think you can blame it all on ''click happy'' employees, in my view the current security tools are too easy too bypass. Tools like MFA and EDR should really be doing a better job.

 

Here's actually an interesting article about how to prevent hacks like on Uber. A possible solution to the MFA problem is MFA number matching, but to be honest I don't see how this improves MFA security.

https://techcrunch.com/2022/09/19/how-to-fix-another-uber-breach/