Security News

The Lapsus$ extortion crew has turned its attention to identity platform Okta and published screenshots purportedly showing the group gaining access to the company's internals. Oliver Pinson-Roxburgh, CEO of security outfit Bulletproof, warned: "As the gatekeeper to the networks and data of thousands of organizations, a breach at Okta would have significant consequences."

Cloud security: How your public cloud environment may be vulnerable to data breach. A report released Tuesday by cloud security provider Laminar examines how a lack of visibility, poor controls and shadow data can leave your cloud environment open to security threats.

Okta, a leading provider of authentication services and Identity and access management solutions says it is investigating claims of data breach.On Tuesday, data extortion group Lapsus$ posted screenshots in their Telegram channel of what it alleges to be Okta's customer data.

Microsoft is investigating claims that an extortion-focused hacking group that has previously compromised massive companies such as Ubisoft and Nvidia has gained access to internal Microsoft systems, according to a statement from the company.The hacking group, which goes by the self-designated name LAPSUS$, has successfully breached a wave of corporations recently. The group has so far not made any public demands against Microsoft. On Sunday, LAPSUS$ posted a screenshot of what appeared to be an internal Microsoft developer account to their Telegram channel. Shortly after posting the screenshot, an administrator of LAPSUS$’s Telegram channel deleted the image.

TransUnion South Africa has disclosed that hackers breached one of their servers using stolen credentials and demanded a ransom payment not to release stolen data. TransUnion South Africa says they have engaged with cybersecurity experts and digital forensic experts to investigate the incident.

The US Cybersecurity and Infrastructure Security Agency and FBI issued a joint alert on March 15 warning organizations that state-backed criminals could use the MFA defaults and flaw to access networks. In this case, the unnamed cybercriminal gang took advantage of a misconfigured account to set default MFA protocols at the NGO. The bad actors enrolled a new device for MFA and accessed the NGO's network and then exploited the PrintNightmare flaw - tracked as CVE-2021-34527 - to run malicious code and gain system privileges, giving them access to email accounts and enabling them to move laterally to the organization's cloud environment and to steal documents.

The U.S. Federal Trade Commission wants to slap the former owner of the CafePress custom t-shirt and merchandise site with a $500,000 fine for failing to secure its users' data and attempting to cover up a significant data breach impacting millions. As the consumer protection watchdog explained, CafePress' former owner, Residual Pumpkin Entity, stored its customers' Social Security numbers and password reset answers in plain text, and their data longer than necessary.

This is all too common-74% of breached organizations have admitted the attack involved access to a privileged account-and organizations need a better way to combat privileged access attacks. Thus, removing the standing privileged access that attackers require to maintain a presence and gain lateral movement is a quick way to contain a breach.

Argentinian e-commerce giant Mercado Libre has confirmed "Unauthorized access" to a part of its source code this week. Mercado additionally says data of around 300,000 of its users was accessed by threat actors.

Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant told Bloomberg.