lapsus – Page 2 – PossibleThreat Articles

The Original APT: Advanced Persistent Teenagers

April 6, 2022 0 Comments A Little Sunshine, advanced persistent teenagers, amit yoran, APT, cisa, FBI, lapsus, Microsoft, Ne'er-Do-Well News, NVIDIA, okta, Samsung, tenable, The Coming Storm, twitter hack, vishing, voice phishing, wired

Credit to Author: BrianKrebs| Date: Wed, 06 Apr 2022 17:55:38 +0000

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and grab” attacks we’ve seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world’s biggest corporations on edge.

Security Sophos

LAPSUS$ hacks continue despite two hacker suspects in court

April 4, 2022 0 Comments bust, cyberextortion, data loss, Hacking, lapsus, Law & order, Privacy, Ransomware

Credit to Author: Paul Ducklin| Date: Mon, 04 Apr 2022 21:36:27 +0000

Do you know where in your company to report security anomalies? If you receive such reports, do you have an efficient way to process them?

Security Sophos

LAPSUS$ hacks continue despite two UK hacker suspects in court

April 4, 2022 0 Comments bust, cyberextortion, data loss, Hacking, lapsus, Law & order, Privacy, Ransomware

Credit to Author: Paul Ducklin| Date: Mon, 04 Apr 2022 21:36:27 +0000

Do you know where in your company to report security anomalies? If you receive such reports, do you have an efficient way to process them?

MalwareBytes Security

A week in security (March 28 – April 3)

April 4, 2022 0 Comments a little gift for you, A week in security, Apple, chrome 100, chrome zero-day, globant, go elephant, hive ransomware, imessage, Instagram, lapsus, LinkedIn, lock and code, mitre att&ck, pornhub, runa sandvik, russia, signal, tech support fraud, uac-0056, ukraine, whatsapp

Credit to Author: Malwarebytes Labs| Date: Mon, 04 Apr 2022 10:08:24 +0000

The most important and interesting security stories from the last seven days.

The post A week in security (March 28 – April 3) appeared first on Malwarebytes Labs.

MalwareBytes Security

Globant suffers network breach due to LAPSUS$ compromise

April 1, 2022 0 Comments Cybercrime, globant, lapsus, lg, Microsoft, NVIDIA, okta, Ransomware, ransomware gang, Samsung, teen hackers

Credit to Author: Jovi Umawing| Date: Fri, 01 Apr 2022 18:56:37 +0000

LAPSUS$ is a young group believed to be ran by teenagers. In their latest heist, they leaked data from Globant, a software firm.

The post Globant suffers network breach due to LAPSUS$ compromise appeared first on Malwarebytes Labs.

Independent Krebs Security

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

March 31, 2022 0 Comments A Little Sunshine, Apple, bloomberg, Bug, discord, facebook, Instagram, lapsus, meta, Ne'er-Do-Well News, sen. ron wyden, snapchat, twitter, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 31 Mar 2022 22:54:45 +0000

On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes.

Independent Krebs Security

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

March 29, 2022 0 Comments anitsu, data extortion, discord, doxbin, emergency data request, everlynn, fake edr, FBI, kt, lapsus, mark rasch, Microsoft, miku, Ne'er-Do-Well News, oklaqq, palo alto networks, pompompurin, recursion team, The Coming Storm, unit 221b, Web Fraud 2.0, white, whitedoxbin

Credit to Author: BrianKrebs| Date: Tue, 29 Mar 2022 14:07:27 +0000

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death.

MalwareBytes Security