Researcher Seif Elsallamy recently discovered a vulnerability in Uber’s emailing system, which allows anyone to send an email on behalf of the company. If exploited, threat actors would be able to email the 57 million Uber users and drivers whose data was leaked in the 2016 data breach. Uber has been made aware of the flaw, although a fix has yet to be issued.
Any emails sent using this flaw would appear as legitimate to an email provider, and would therefore surpass the spam filters. In some cases, Uber customers could be urged to provide credit card information. However, the vulnerability report was rejected by Uber for being “out-of-scope”.
 
 
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY
Follow Us
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
This site uses functional cookies and external scripts to improve your experience.
Privacy settings
Privacy Settings / PENDING
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
GDPR Compliance

source

You May Also Like

Disability service provider suffers cyber-attack

The Rehab Group, one of the State’s largest disability services provider, been hit…

French Dad tries to block his kids internet, wipes out town WiFi

A French father attempting to use a signal jammer to prevent his…

Dozens of malicious APT15 sites seized by Microsoft 

Microsoft has seized a number of malicious sites which were targeting organisations…