Showing posts with the label #uberhack #uberbreach

Uber attack methodology: simplified with infographic

1. The hacker socially engineered an Uber employee to steal their credentials.
2. They then accessed Uber's VPN with the stolen credentials to connect to Uber's internal network.
3. While scanning Uber's internal network, the hacker discovered a shared network folder that contained PowerShell scripts.
4. The hacker identified a PowerShell script that included the username and password for an administrative user of a Privileged Access Management (PAM) tool, which stores secrets (e.g. credentials, keys, etc.). For Uber, this contained secrets for many internal systems and applications.
5. The hacker used secrets stored in PAM tools to access Uber's systems and applications. With control of this account, the attacker claimed, they were able to gain access tokens for Uber's cloud infrastructure, including Amazon Web Services, Google's GSuite, VMware's vSphere dashboard, the authentication manager Duo, and