Security News

In a new blog post published tonight, Microsoft has confirmed that one of their employee's accounts was compromised by Lapsus$, providing limited access to source code repositories. "No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity," explained Microsoft in an advisory about the Lapsus$ threat actors.

Both Microsoft and Okta are investigating claims by the new, precocious data extortion group Lapsus$ that the gang has breached their systems. The purported Okta screenshots included one that appears to show Okta's Slack channels and another with a Cloudflare interface.

After breaching NVIDIA and Samsung and stealing and leaking those companies' propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta. The gang has substantiated their claims by leaking torrents supposedly containing partial source code for Bing, Bing Maps, and Microsoft Cortana, as well as posting - a screenshot of an internal Microsoft Azure DevOps account.

Microsoft and authentication services provider Okta said they are investigating claims of a potential breach alleged by the LAPSUS$ extortionist gang. The leaked 37GB archive shows that the group may have accessed the repositories related to Microsoft's Bing, Bing Maps, and Cortana, with the images highlighting Okta's Atlassian suite and in-house Slack channels.

Monday night, the hacking group posted a torrent for a 9 GB 7zip archive containing the source code of over 250 projects that they say belong to Microsoft. When posting the torrent, Lapsus$ said it contained 90% of the source code for Bing and approximately 45% of the code for Bing Maps and Cortana.

The Lapsus$ extortion gang briefly alleged over the weekend it had compromised Microsoft. "We are aware of the claims and are investigating," a Microsoft spokesperson told The Register on Monday.

Microsoft says they are investigating claims that the Lapsus$ data extortion hacking group breached their internal Azure DevOps source code repositories and stolen data. Early Sunday morning, the Lapsus$ gang indicated that they hacked Microsoft's Azure DevOps server by posting a screenshot on Telegram of alleged internal source code repositories.

Microsoft is investigating claims that an extortion-focused hacking group that has previously compromised massive companies such as Ubisoft and Nvidia has gained access to internal Microsoft systems, according to a statement from the company.The hacking group, which goes by the self-designated name LAPSUS$, has successfully breached a wave of corporations recently. The group has so far not made any public demands against Microsoft. On Sunday, LAPSUS$ posted a screenshot of what appeared to be an internal Microsoft developer account to their Telegram channel. Shortly after posting the screenshot, an administrator of LAPSUS$’s Telegram channel deleted the image.

Microsoft has reminded Windows customers today that they'll finally retire the Internet Explorer 11 web browser from some Windows 10 versions in June and replace it with the new Chromium-based Microsoft Edge. After Internet Explorer is retired, Microsoft will still support legacy Internet Explorer-based websites and applications within Microsoft Edge via the built-in Internet Explorer mode feature.

Microsoft released a scanner that detects MikroTik routers hacked by the TrickBot gang to act as proxies for command and control servers. For years, TrickBot has used IoT devices, such as routers, to act as a proxy between an infected device and command and control servers.