1. Uber claims ‘No sensitive data exposed’ in latest breach, but…
“‘No evidence’ could mean the attacker did have access, Uber just hasn’t found evidence that the attacker used that access for ‘sensitive’ user data,” Demirkapi said. “Explicitly saying ‘sensitive’ user data rather than user data overall is also weird.” Read more »
2. Real estate phish swallows 1,000s of Microsoft 365 credentials
The attacks showcase broader security concerns as phishing grows in volume and sophistication, especially given that Windows Defender’s Safe Links feature for identifying malicious links in emails completely failed in the campaign. Read more »
3. New EvilProxy phishing service allowing cybercriminals to bypass two-factor security
Researchers have identified a new phishing-as-a-service (PhaaS) called EvilProxy that is being promoted in the dark web as a way for cybercriminals. Read more »
4. New attack can unlock and start a Tesla Model Y in seconds, say researchers
Car thieves have found a new way to steal Tesla’s using a sophisticated relay attack, and it won’t be easy to fix. Read more »
5. Passengers exposed to hacking via vulnerabilities in airplane Wi-Fi devices
Vulnerabilities found in Flexlan wireless LAN devices used for airplane Wi-Fi can be exploited by a passenger to hack other passengers. Read more »
