Skip to main content
Lapsus$ breached Okta and Microsoft | cybernews.com
If you like what I do in hacking and want to support, I invite you to visit our store to buy cheap and exclusive nfts: https://mintable.app/u/cha0smagick
❗Lapsus$ claims to have breached authentication firm Okta and Microsoft❗ READ HERE 👉 https://ift.tt/fJ7okgj 🦾 Welcome our first AI-generated spokesperson, let us know your thoughts down in the comments! About us: our dedicated team of security researchers and investigative journalists regularly delves into previously unexplored depths of online security and privacy in order to shed light on stories that often have an unseen influence on the online world at large. A number of our investigations and reports have been featured by industry-related publications and global news leaders like Forbes, PC mag, Techradar. -------------------------------------------------------------------------------- Okta, a San Francisco-based identity and access management company, is investigating a report of a breach. Okta acknowledged that it detected a potential intrusion in January, and told Cybernews that 'there is no evidence of ongoing malicious activity beyond the activity detected in January.' -------------------------------------------------------------------------------- Lapsus threat actor shared screenshots of what appears to be Okta's internal environment. Ransomware group claims to have accessed Okta.com superuser/admin and various other systems. One of the screenshots demonstrates that they now allegedly can reset the user's password. Another screenshot shows that Lapsus might have access to Okta's Slack workplace. Lapsus emphasized that they did not access any databases, focusing only on Okta customers. Okta has over 15,000 customers on its platform. Okta official Chris Hollis said in a brief statement - "Okta is aware of the reports of a potential breach and is investigating them. "We will provide updates as more information becomes available," Some screenshots date back to 21 January, suggesting that Lapsus might have had access to Okta's internal environment for almost two months. Okta told Cybernews via email - “In late January 2022, Okta detected an attempt to compromise the account of a third party customer support engineer working for one of our subprocessors. The matter was investigated and contained by the subprocessor. We believe the screenshots shared online are connected to this January event. Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January” Before announcing the Okta breach, Lapsus had threatened to breach Microsoft. The same day that it released screenshots supporting the Okta hack claim, Lapsus also dropped what it claims to be an incomplete Bing, Bing Maps, and Microsoft virtual assistant Cortana source code. The company has acknowledged that there was a compromise. It said - “Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity” Microsoft highlights that it does not rely on code secrecy as a security measure, and viewing source code does not lead to elevation of risk. “The tactics DEV-0537 used in this intrusion reflect the tactics and techniques discussed in this blog. Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion. This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact.” Keep up to date with the latest news: ➡️ Visit our site https://cybernews.com/ ➡️ Facebook https://ift.tt/b6On0lE ➡️ Twitter https://twitter.com/cybernews ➡️ #cybernews #TechNewsByAI #cybernewsByAI
For more hacking info and tutorials visit: https://sectemple.blogspot.com/
Hello and welcome to the temple of cybersecurity. If you are looking for tutorials and all the news about the world of hacking and computer security, you have come to the right place. We invite you to subscribe to our newsletter in the box at the top and to follow us on our social networks:
Twitter: https://twitter.com/freakbizarro
Facebook: https://web.facebook.com/sectempleblogspotcom/
Discord: https://discord.gg/5SmaP39rdM
We also invite you to visit the other blogs in our network, where you can find something for every taste.
https://elantroposofista.blogspot.com/
https://gamingspeedrun.blogspot.com/
https://skatemutante.blogspot.com/
https://budoyartesmarciales.blogspot.com/
https://elrinconparanormal.blogspot.com/
https://freaktvseries.blogspot.com/
#hacking, #infosec, #tutorial, #bugbounty, #threathunting, #opensource, #pentest, #pentesting, >
Comments
Post a Comment