all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Uber & Thycotic: Are Password Vaults a Huge Security Vulnerability?

Add to bookmarks
Oct. 3, 2022, 3:07 a.m. | James Bore

Hacker Noon - cybersecurity hackernoon.com

Security is complicated and managing credentials is tough. A 17 year old hacker, TeaPot, got hold of the credentials of an Uber contractor and began sending multi factor authentication requests to them repeatedly. Once the contractor got annoyed and hit accept, their account was used to access a script with admin credentials to Uber's password vault, Thycotic, giving them access to almost everything else.

Read All

blogging-fellowship cybersecurity hack hackernoon-top-story password password manager password security security security vulnerability thycotic uber vulnerability

Visit resource

More from hackernoon.com / Hacker Noon - cybersecurity

Chaotic Links Theory: Exploring the Intersection of Classical Cryptography and Quantum Potentiality 1 day, 7 hours ago | hackernoon.com
age can challenges chaotic-links-theory +28
The Noonification: Leetcode: Two-sum an Intuitive Approach (4/23/2024) 3 days, 7 hours ago | hackernoon.com
computing cybersecurity fastapi hackernoon +8
Enhancing Password Security and Recovery with Next.js 14 and NextAuth.js 3 days, 11 hours ago | hackernoon.com
authentication cybersecurity email front-end-development +16
Game of Threats: Winning Strategies for Proactive Cyber Defense 3 days, 15 hours ago | hackernoon.com
amp anomaly-based-hunting arsenal att +34
6 GitHub Repos for DevSecOps in 2024 4 days, 7 hours ago | hackernoon.com
build building can cybersecurity +16
The Journey into Digital Forensics: Exploring Career Opportunities (Revealing Insights) 1 week, 1 day ago | hackernoon.com
applications breaches career career advice +34
Xiid SealedTunnel: Unfazed By Yet Another Critical Firewall Vulnerability (CVE-2024-3400) 1 week, 2 days ago | hackernoon.com
access access rights common vulnerability scoring system critical +29
Waiting for Your Tax Refund? Don't Fall for These Scams 1 week, 2 days ago | hackernoon.com
account cybersecurity debt don +19
GenAI - Soon to Be Great for Automating Dumb Attacks 1 week, 2 days ago | hackernoon.com
ai-cyber-attack ai risks attacks cyber +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Consultant

@ Auckland Council | Central Auckland, NZ, 1010
View on infosec-jobs.com

Security Engineer, Threat Detection

@ Stripe | Remote, US
View on infosec-jobs.com

DevSecOps Engineer (Remote in Europe)

@ CloudTalk | Prague, Prague, Czechia - Remote
View on infosec-jobs.com

Security Architect

@ Valeo Foods | Dublin, Ireland
View on infosec-jobs.com

Security Specialist - IoT & OT

@ Wallbox | Barcelona, Catalonia, Spain
View on infosec-jobs.com
View more jobs