At a glance.
- Uber attributes the cyberattack it sustained to the Lapsus$ Group.
- Trends in resilience.
- Readiness for quantum security.
- An overview of Russian cyber operations.
- Ukraine's IT Army says it's doxed the Wagner Group.
Uber attributes the cyberattack it sustained to the Lapsus$ Group.
In Monday's forenoon Uber published an update on the breach it discovered last week. They've developed an idea of who was responsible: Lapsus$. "We believe that this attacker (or attackers) are affiliated with a hacking group called Lapsus$, which has been increasingly active over the last year or so. This group typically uses similar techniques to target technology companies, and in 2022 alone has breached Microsoft, Cisco, Samsung, Nvidia and Okta, among others. There are also reports over the weekend that this same actor breached video game maker Rockstar Games. We are in close coordination with the FBI and US Department of Justice on this matter and will continue to support their efforts." Uber thinks the breach began with a password purchased in a criminal-to-criminal souk. This afforded a degree of contact sufficient for the persistent social engineering that followed. Uber is moderately optimistic that the attackers hadn't been able to access either production systems or user information data. For more information, see CyberWire Pro.