• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Okta Investigates Possible Lapsus Breach

You are here: Home / General Cyber Security News / Okta Investigates Possible Lapsus Breach
March 22, 2022

Authentication security seller Okta is investigating promises by a prolific ransomware group that it had admin entry to its again-conclusion programs for months, most likely enabling it to target a vary of huge-name providers.

The Lapsus team has in latest weeks exposed breaches of huge brand tech corporations including Nvidia, Samsung, Ubisoft and Vodafone. This week, the most current emerged as Microsoft following the group claimed to have leaked 37GB of the tech giant’s resource code on line.

Fears are now emerging that it was the group’s compromise of multi-factor authentication professional Okta that enabled it to obtain so numerous tech firms more than these kinds of a brief period of time.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper take secure and enxrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized seller: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Lapsus screenshots reshared on Twitter indicate that the team experienced “superuser” or admin entry to Okta.com.

“For a services that powers authentication units to lots of of the greatest corporations (and FedRAMP accredited) I think these security actions are quite bad,” it wrote. “Before persons commence asking: we did not obtain/steal any databases from Okta – our concentration was only on Okta customers.”

Alongside superuser rights, the group’s screenshots purportedly demonstrate that they experienced access to Okta’s AWS, Jira, Confluence, Zoom, Salesforce, Splunk, Google Workspace and other inside enterprise accounts.

One particular of them is dated 21 January 2022, indicating that Lapsus had been energetic within the firm for at least two months. It could be that it is publicizing the reality now because its accessibility rights have ultimately been revoked.

The intel also implies that it was a contractor’s account that was initially compromised, enabling the ransomware actors to infiltrate Okta’s network and finally focus on its buyers.

Lapsus posted the Microsoft leak to its Telegram channel on Sunday, demonstrating that it managed to compromise an Azure DevOps server that contains resource code for Bing, Cortana and other projects.


Some sections of this report are sourced from:
www.infosecurity-magazine.com

Previous Post: «western digital flaw allows hackers to access restricted files Western Digital flaw allows hackers to access restricted files

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Okta Investigates Possible Lapsus Breach
  • Western Digital flaw allows hackers to access restricted files
  • New Dell BIOS Bugs Affect Millions of Inspiron, Vostro, XPS, Alienware Systems
  • Browser-in-the-Browser Attack Makes Phishing Nearly Invisible
  • Brower-in-the-Browser Attack Makes Phishing Nearly Invisible
  • Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts
  • New Mexico Appoints Cybersecurity Advisor
  • Conti Ransomware V. 3, Including Decryptor, Leaked
  • FTC Accuses CafePress of Data Breach “Cover-Up”
  • Dental Care Data Breach May Impact 1 Million Texans

Copyright © TheCyberSecurity.News, All Rights Reserved.