Please wait, authorizing ...

Don't have an account? Register here today.


Samsung, Zoom and Uber, suffer breaches in their cybersecurity

Uber sufre ciberataque

International. Samsung, Zoom and Uber have been accountable news of cyberattacks and security breaches that have exposed the provision of their services and the data of their users. Being the transport platform perhaps the most affected by the level of acuity of the attack suffered.

These large companies, which are always in the media eye at a global level, suffer a second level of affectation due to these negative events in their cybersecurity; the detriment of the trust of its customers and the negative perception in the market.

Samsung: Massive Data Loss
Samsung Electronics admitted to having a cybersecurity breach in late July, which exposed personal information of some customers in the United States, such as names, date of birth, registered products, demographic information and contact details.

On the other hand, the company assured that other relevant data such as social security numbers and credit cards were not affected. However, the total number of users affected was not made known to the public.


- Publicidad -

In addition, Samsung stated that it has taken steps to protect compromised U.S. systems. "As part of our ongoing investigation, we have also hired a leading third-party cybersecurity firm and are coordinating with law enforcement."

Zoom: Vulnerability in audio and video control
Recently, 2 vulnerabilities of unauthorized access in Zoom were detected, by which the control of the audio and video of this program of conferences and virtual meetings could be compromised.

Specifically, the Zoom security bulletin published, on September 13, a highly relevant information:

"Zoom On-Premise Meeting Connector MMR prior to version 4.8.20220815.130 contains an inappropriate access control vulnerability. As a result, a malicious actor could obtain audio and video streaming of a meeting they were not authorized to join and cause other disruptions to the meeting."

In that sense, the National Institute of Cybersecurity of Spain (INCIBE), through the Office of Internet Security (OSI), recommended "keeping applications and programs correctly updated. And if the configuration allows it, activate the automatic update option so that whenever an update that fixes security flaws is released, it is installed as soon as possible."

Uber: hacked "down to the source code"
Last Thursday, January 15, through its official Twitter account, the transport services platform shared that it was under attack. "Currently, we are responding to a cybersecurity incident. We are in contact with the Police and will post additional updates here as they become available."

Also, the company had to disconnect the Slack system that it used as a business chat, in the afternoon hours of that same day, after its employees received a message from the alleged cybercriminal who was carrying out the attacks. "I announce that I am a hacker and that Uber has suffered a violation." The comment included emojis, memes and a list of several internal databases, so they could verify the veracity of the situation.

- Publicidad -

Twitter oficial de Uber

According to a New York Times publication , the person responsible would be an 18-year-old person, who provided screenshots of the internal systems of the transport platform to prove the veracity of his statement. The self-styled Hacker assured the media that he managed to infiltrate by doing social engineering, through a text message, to an Uber employee.

Other statements by the perpetrator were that he had broken into the systems because the company had little security and that Uber drivers should receive a higher salary.

The New York Times contacted Sam Curry, security engineer at Yuga Labs, who had a correspondence conversation with the hacker, of said communication the expert indicated several situations: "the person seemed to have access to the source code, email and other internal systems of Uber", that is, "they practically have full access" and assured that apparently it was an attack with a total compromise of the system.

Finally, according to screenshots shared by the cybercriminal, the cybercriminal has full access to Uber's IT systems, including the company's security software and Windows domain. A complex situation to solve and that adds to the incident of 2016, the year in which the company suffered theft of information and paid $ 100,000 in ransom, a circumstance that today involves a trial against former employee Joe Sullivan, who claims to be a scapegoat of the company.

Iris Montoya Ricaurte
Author: Iris Montoya Ricaurte
Periodista con amplia experiencia en corrección de estilo y generación de contenidos de valor para el sector especializado - [email protected]

No thoughts on “Samsung, Zoom and Uber, suffer breaches in their cybersecurity”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis

Security Solutions for Penitentiary Systems Summit - Bienvenida

Bienvenida al Security Solutions for Penitentiary Systems Summit producido por el medio Ventas de Seguridad de la mano del periodista Duván Chaverra e Invitados.

Sesión 1: PANEL - La infraestructura penitenciaria enfocada a la Seguridad electrónica

La gestión de la seguridad en los centros penitenciarios es una práctica que implica la convergencia entre personal altamente capacitado, infraestructura física especialmente diseñada y estrategias rigurosas, esto apoyado en soluciones tecnológicas confiables y complementarias. Entonces, ya que las cárceles en su rol de servicio público tienen el gran reto de reformar a los ciudadanos, a partir de la privación de su libertad, son instalaciones que deben velar en todo momento por la seguridad al exterior, pero también al interior de todos sus espacios; de ahí que la seguridad electrónica se convierta en un apoyo fundamental, pues entrega beneficios imprescindibles a este sector, gracias a que con su constante evolución, responde e incluso se anticipa a las necesidades que puedan surgir. Modera: Duván Chaverra - Ventas de Seguridad Juan José García Ruiz - Magal Security Systems. Manuel Zamudio - Axis Communications Jose Luis Calderón - Eximco

Sesión 2: Soluciones Integrales de Seguridad Electrónica para Sistemas Penitenciarios

Los centros penitenciarios tienen un foco de atención crucial en el tema de la seguridad, por ello en esta conferencia se expresarán las diferentes tecnologías, soluciones y servicios de Magal, de los cuales estos centros deben contemplar dependiendo su nivel de seguridad. Juan José García Ruíz, Director Comercial para América Latina: Magal Security Systems.

Sesión 3: Cómo implementar elementos de cierre de manera efectiva en tu proyecto de seguridad

Muestra de nuevas tecnologías de los elementos de cierre para los recintos penitenciarios Victor H, Manzanilla R, Director de Ventas - ABLOY Critical Infrastructure México

Sesión 4: Tendencias de soluciones de control de acceso en centros penitenciarios.

En alianza CDVI e ISTC, hablaremos sobre el porqué gracias a las necesidades que van surgiendo día a día por un efectivo control de acceso, dentro de los centros penitenciarios, surgen las tendencias de implementación de nuevas tecnologías para hacer más eficiente la seguridad y el control dentro de estos centros. Jorge Gomez, Director of Global Business Development Americas ISTC Nicolás Gallo, Gerente de Ventas Centro América| Región Andina | Cono Sur - CDVI
Load more...

Latest Newsletter