The Uber Hack’s Devastation Is Just Starting to Reveal Itself | WIRED
The phrase “zero trust” has become a sometimes meaningless buzzword in the security industry, but the Uber breach seems to at least show an example of what zero trust is not. Once the attacker had initial access inside the company, they claim they were able to access resources shared on the network that included scripts for Microsoft’s automation and management program PowerShell. The attackers said that one of the scripts contained hard-coded credentials for an administrator account of the access management system Thycotic. With control of this account, the attacker claimed, they were able to gain access tokens for Uber’s cloud infrastructure, including Amazon Web Services, Google’s GSuite, VMware’s vSphere dashboard, the authentication manager Duo, and the critical identity and access management service OneLogin.
Source: The Uber Hack’s Devastation Is Just Starting to Reveal Itself | WIRED