Who would be an Uber secops employee today ...

Looks like their entire infrastructure was owned via a social engineering attack, which allowed the actor to access their VPN. From there he found a network share with some PowerShell scripts - one of which had admin credentials for their password management system.
He got domain admin, Google Cloud admin, AWS admin, Slack admin, HackerOne admin plus a whole bunch of other stuff.

From the PoV of someone in IT, this is terrifying to contemplate!

 
Not saying this isn't bad, but it's not the worst. The attacker looks more like they are in it for the thrills, given how open they are about it with media.
Imagine all this and add ransomware on top (don't ask me how I know, but I know the above feel + ransomware).
This is true...
Challenge now being to prove that no PI/PCI data was exfiltrated, and that no nasty little surprises have been left lying around.
 