
We have to confess a grudging admiration for Lapsus$, which seems to be able to pull off very high-profile data breaches - Samsung has also been hacked - without using sophisticated malware or spy-movie techniques.

Last month, Lapsus$ attacked graphics-card maker Nvidia and demanded that the company provide driver software to permit easier mining of cryptocurrency. The crew has its own public Telegram channel where it announces hacks and refutes claims by hacked organizations, e.g. a point-by-point rebuttal yesterday of identity-management firm Okta's analysis of its own Lapsus$ hack.

Microsoft didn't say exactly how Lapsus$, which Microsoft calls "DEV-0537," got into its systems. But it did provide a long and interesting analysis of Lapsus$'s methods and goals, which are unusual. "DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads," the company said. The goal "is to gain elevated access through stolen credentials that enable data theft and destructive attacks against a targeted organization." Unlike other criminal groups, Microsoft noted, Lapsus$ likes to make a lot of noise and acts as if media attention matters more than money.

(The source code for Windows, Office and other desktop software does not appear to have been part of the stolen data.) We're inclined to give Microsoft the benefit of the doubt here, but you can bet that security experts will be going over the stolen code that Lapsus$ posted online to see if there's any way that it can be exploited. Until we learn more, we would urge you to keep all your Microsoft software updated and maintain other security "best practices" such as using one of the best password managers and one of the best antivirus programs.
