A new report revealed how the Lapsus$ operators deploy their attacks, including some information about the TTPs of the highly unpredictable attacks of the group and an analysis of how they select and target victims. In the last five months, the Lapsus$ group became notorious after successfully breaching big-time firms such as Samsung, Nvidia, Okta,...Continue Reading
A “data security event” in the Texas Department of Insurance resulted in a data leak impacting approximately 1.8 million people. The Texas Department of Insurance, aka TDI, revealed that the “data security event” happened on March 24. However, security researchers had noticed that Texas’ Attorney General’s office reported the incident on April 4. The leaked...Continue Reading
A statement from Okta’s representative revealed that about 2.5% of their clients’ data might have been impacted by the data breach that transpired last March 22, executed by the Lapsus$ threat group. Even though Okta has not provided further details about the attack’s impact, they added that the affected clients are allowed to analyze the...Continue Reading
Microsoft’s internal Azure DevOps Server projects, including Bing and Cortana, were recently targeted by the threat group Lapsus$, leaking the projects’ source code to the public. Through their Telegram channel, the Lapsus$ threat group shared a screenshot showing the Azure DevOps Server of Microsoft, which contains the source code for many of the giant tech...Continue Reading
According to recent reports, an affiliate of Anonymous has infiltrated a Russian media censoring agency called Roskomnadzor. The discussions lead to the confirmation that the member of the Anonymous hacktivist group shared more than 800GB worth of Roskomnadzor data. Roskomnadzor is a federal service for communication, information technology, and mass media based in Russia. It...Continue Reading
Before Ukraine got attacked by Russia, researchers discovered that a decoy of the GoLang ransomware accompanied the HermeticWiper malware being deployed on the country’s servers. Security experts explained that as the data wiper attacks were executed against Ukraine, the decoy ransomware was also deployed to target Ukrainian organisations using scheduled tasks by the threat actors....Continue Reading
An SEO poisoning malware called Electron Bot has been hacking social media accounts, including SoundCloud, Facebook, and Google, by impersonating games found in the Microsoft Store like Subway Surfer and Temple Run. Researchers noted that the bot also allows the threat actors to control the compromised devices. Based on the analysis, Electron Bot can be...Continue Reading
Threat actors found their new favorite channel, LOLBins, to hide malicious activities from security providers and solutions. The Living Off the Land Binaries, or LOLBins, can be dangerous and challenging for security detections since they are tools that are trusted by security solutions. Since they are charged, they tend to bypass AV solutions and security...Continue Reading
The FritzFrog botnet is back at it again, and this time, it aims to conduct a massive cyberattack with an alarming infection rate. The researchers noted that the hiatus of the FritzFrog botnet is just a preparation stage to execute their campaign against sectors from healthcare, education, and government. Detected in August 2020, recent reports...Continue Reading
The North Korean-based Lazarus APT group has been observed distributing their malware using a spear-phishing attack to acquire other nations’ secret military knowledge. The APT group utilised the same job offer they used before in attacking but slightly modified it. The group disguised themselves as a Lockheed Martin in spear-phishing attempts which consists of two...Continue Reading
