/
Navigation
C
Chronicles
Browse all articles
C
E
Explore
Semantic exploration
E
R
Research
Entity momentum
R
N
Nexus
Correlations & relationships
N
~
Story Arc
Topic evolution
S
Drift Map
Semantic trajectory animation
D
P
Posts
Analysis & commentary
P
Browse
@
Entities
Companies, people, products, technologies
Domains
Browse by publication source
Handles
Browse by social media handle
Detection
?
Concept Search
Semantic similarity search
!
High Impact Stories
Top coverage by position
+
Sentiment Analysis
Positive/negative coverage
*
Anomaly Detection
Unusual coverage patterns
Analysis
vs
Rivalry Report
Compare two entities head-to-head
/\
Semantic Pivots
Narrative discontinuities
!!
Crisis Response
Event recovery patterns
Connected
Nav: C E R N
Search: /
Command: ⌘K
Embeddings: large
VOICE ARCHIVE

Sam Curry

@samwcyo
13 posts
2025-02-12
After Googling Kyle Schutt's name, we found a (now deleted) GitHub account which referenced him as the CTO of a company called Outburst Data. There were still more Google results for the Cloudflare account ID, so we went back to Google and continued down the list. [image]
2025-02-12 View on X
Foreign Policy

DOGE accessing Treasury systems and classified data breaks a fundamental security principle and could help the US' adversaries steal data and install backdoors

The U.S. government has experienced what may be the most consequential security breach in its history.

View original
After digging into Outburst Data, we found a number of different subdomains related to AMERICA PAC, DOGE, and WinRed hosted on the same Outburst Data API domain. - doge-25f.outburstapi[.]com = DOGE - ampac.outburstapi[.]com = AMERICA PAC And a few more in the screenshot. [image]
2025-02-12 View on X
Foreign Policy

DOGE accessing Treasury systems and classified data breaks a fundamental security principle and could help the US' adversaries steal data and install backdoors

The U.S. government has experienced what may be the most consequential security breach in its history.

View original
We saw the same Cloudflare ID on the AMERICA PAC website, showing that the account was being used to a host a number of different Elon Musk related websites. [image]
2025-02-12 View on X
Foreign Policy

DOGE accessing Treasury systems and classified data breaks a fundamental security principle and could help the US' adversaries steal data and install backdoors

The U.S. government has experienced what may be the most consequential security breach in its history.

View original
2025-01-23
New blog post with @infosec_au: We found a vulnerability in Subaru where an attacker, with just a license plate, could retrieve the full location history, unlock, and start vehicles remotely. The issue was reported and patched. Full post here: https://samcurry.net/...
2025-01-23 View on X
Wired

Researchers detail Subaru's now-fixed web vulnerabilities that would've let them unlock and start millions of Subarus via Starlink in the US, Canada, and Japan

Now-fixed web bugs allowed hackers to remotely unlock and start millions of Subarus.  More disturbingly, they could also access …

View original
2022-09-17
Someone hacked an Uber employees HackerOne account and is commenting on all of the tickets. They likely have access to all of the Uber HackerOne reports. https://twitter.com/...
2022-09-17 View on X
The Verge

Uber says there is “no evidence” the hacker accessed sensitive user info, like trip histories, during the breach and that all its products are now “operational”

Uber says there is “no evidence” that any of its users' private information was compromised in a breach of its internal computer systems.

View original
Someone hacked an Uber employees HackerOne account and is commenting on all of the tickets. They likely have access to all of the Uber HackerOne reports. https://twitter.com/...
2022-09-17 View on X
New York Times

Uber takes some internal systems offline to investigate a network breach; Yuga Labs' Sam Curry says it appears the hacker pretty much has “full access to Uber”

what you need to know Msmash / Slashdot : Uber Investigating Breach of Its Computer Systems Prajeet Nair / BankInfoSecurity.com : Uber Probes Breach After Hacker Boasts About Intru...

View original
From another Uber employee: Instead of doing anything, a good portion of the staff was interacting and mocking the hacker thinking someone was playing a joke. After being told to stop going on slack, people kept going on for the jokes. lmao
2022-09-17 View on X
New York Times

Uber takes some internal systems offline to investigate a network breach; Yuga Labs' Sam Curry says it appears the hacker pretty much has “full access to Uber”

what you need to know Msmash / Slashdot : Uber Investigating Breach of Its Computer Systems Prajeet Nair / BankInfoSecurity.com : Uber Probes Breach After Hacker Boasts About Intru...

View original
From another Uber employee: Instead of doing anything, a good portion of the staff was interacting and mocking the hacker thinking someone was playing a joke. After being told to stop going on slack, people kept going on for the jokes. lmao
2022-09-17 View on X
The Verge

Uber says there is “no evidence” the hacker accessed sensitive user info, like trip histories, during the breach and that all its products are now “operational”

Uber says there is “no evidence” that any of its users' private information was compromised in a breach of its internal computer systems.

View original
2022-09-16
From another Uber employee: Instead of doing anything, a good portion of the staff was interacting and mocking the hacker thinking someone was playing a joke. After being told to stop going on slack, people kept going on for the jokes. lmao
2022-09-16 View on X
Washington Post

Uber hacker, who claims to be 18 years old, says he hacked Uber for fun, using social engineering, might leak source code, and has access to Uber's AWS account

The company said in a tweet it was “responding to a cybersecurity incident”  —  SAN FRANCISCO — Uber's computer systems …

View original
Someone hacked an Uber employees HackerOne account and is commenting on all of the tickets. They likely have access to all of the Uber HackerOne reports. https://twitter.com/...
2022-09-16 View on X
New York Times

Uber takes some internal systems offline to investigate a network breach; Yuga Labs' Sam Curry says it appears the hacker pretty much has “full access to Uber”

The company said on Thursday that it was looking into the scope of the apparent hack.

View original
From another Uber employee: Instead of doing anything, a good portion of the staff was interacting and mocking the hacker thinking someone was playing a joke. After being told to stop going on slack, people kept going on for the jokes. lmao
2022-09-16 View on X
New York Times

Uber takes some internal systems offline to investigate a network breach; Yuga Labs' Sam Curry says it appears the hacker pretty much has “full access to Uber”

The company said on Thursday that it was looking into the scope of the apparent hack.

View original
2022-06-01
Really great topic from @lorenzofb with work from @joshfraser and @gf_256, the Discord bot ecosystem really isn't where it needs to be in terms of security. We've put a lot of time into this and found a number of critical issues with then most popular bots. https://twitter.com/...
2022-06-01 View on X
VICE

A look at Discord's outsized role in crypto and Web3 communities, as the platform struggles with rampant spam, phishing attacks, scammers, and malware

Rampant spam, phishing attacks, scammers, and malware—Discord has a lot of challenges securing crypto projects.  —  Lorenzo Franceschi-Bicchierai

View original
2021-11-23
Not saying this was expected, but I haven't exactly heard anything positive about working with their security team... https://twitter.com/...
2021-11-23 View on X
Engadget

SEC filing: a third party had access to GoDaddy's Managed WordPress hosting from September 6 to November 17, including 1.2M customer numbers and admin passwords

Daniel Cooper / Engadget :

View original