• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Okta Investigates Possible Lapsus Breach

You are here: Home / General Cyber Security News / Okta Investigates Possible Lapsus Breach
March 22, 2022

Authentication security seller Okta is investigating promises by a prolific ransomware group that it had admin entry to its again-conclusion programs for months, most likely enabling it to target a vary of huge-name providers.

The Lapsus team has in latest weeks exposed breaches of huge brand tech corporations including Nvidia, Samsung, Ubisoft and Vodafone. This week, the most current emerged as Microsoft following the group claimed to have leaked 37GB of the tech giant’s resource code on line.

Fears are now emerging that it was the group’s compromise of multi-factor authentication professional Okta that enabled it to obtain so numerous tech firms more than these kinds of a brief period of time.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Lapsus screenshots reshared on Twitter indicate that the team experienced “superuser” or admin entry to Okta.com.

“For a services that powers authentication units to lots of of the greatest corporations (and FedRAMP accredited) I think these security actions are quite bad,” it wrote. “Before persons commence asking: we did not obtain/steal any databases from Okta – our concentration was only on Okta customers.”

Alongside superuser rights, the group’s screenshots purportedly demonstrate that they experienced access to Okta’s AWS, Jira, Confluence, Zoom, Salesforce, Splunk, Google Workspace and other inside enterprise accounts.

One particular of them is dated 21 January 2022, indicating that Lapsus had been energetic within the firm for at least two months. It could be that it is publicizing the reality now because its accessibility rights have ultimately been revoked.

The intel also implies that it was a contractor’s account that was initially compromised, enabling the ransomware actors to infiltrate Okta’s network and finally focus on its buyers.

Lapsus posted the Microsoft leak to its Telegram channel on Sunday, demonstrating that it managed to compromise an Azure DevOps server that contains resource code for Bing, Cortana and other projects.


Some sections of this report are sourced from:
www.infosecurity-magazine.com

Previous Post: «western digital flaw allows hackers to access restricted files Western Digital flaw allows hackers to access restricted files
Next Post: Dark Web Drug Peddler Gets Nine Years Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New Study Uncovers Text-to-SQL Model Vulnerabilities Allowing Data Theft and DoS Attacks
  • UK insurer announces ‘world-first’ cyber catastrophe bond
  • Why Do User Permissions Matter for SaaS Security?
  • FCC plans strict overhaul of 15-year-old US data breach regulations
  • Security updates for Windows 7 finally end, users urged to upgrade
  • Global Cyber-Attack Volume Surges 38% in 2022
  • Millions of Vehicles at Risk: API Vulnerabilities Uncovered in 16 Major Car Brands
  • Threat Actors Spread RAT Via Pokemon NFT Card Site
  • FCC Wants to Accelerate Breach Reporting for Telcos
  • Why is cyber security’s sexual harassment problem so rampant?

Copyright © TheCyberSecurity.News, All Rights Reserved.