The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1 million weekly downloads released a new tampered version to condemn Russia’s invasion of Ukraine by wiping arbitrary file contents. ** Links mentioned […] The post LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems appeared first on The Shared Security Show.
The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1 million weekly downloads released a new tampered version to condemn Russia's invasion of Ukraine by wiping arbitrary file contents.
The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1 million weekly downloads released a new tampered version to condemn Russia’s invasion of Ukraine by wiping arbitrary file contents.
** Links mentioned on the show **
LAPSUS$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta
https://thehackernews.com/2022/03/lapsus-hackers-claim-to-have-breached.html
https://blog.cloudflare.com/cloudflare-investigation-of-the-january-2022-okta-compromise/
https://www.okta.com/blog/2022/03/updated-okta-statement-on-lapsus/
New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable
https://thehackernews.com/2022/03/new-browser-in-browser-bitb-attack.html
https://mrd0x.com/browser-in-the-browser-phishing-attack/
Popular NPM Package Updated to Wipe Russia, Belarus Systems to Protest Ukraine Invasion
https://thehackernews.com/2022/03/popular-npm-package-updated-to-wipe.html
** Watch this episode on YouTube **
https://youtu.be/NViClPl65u0
** Thank you to our sponsors! **
Keeper Security
Sign up for a free trial of Keeper Password Management for your organization today, and get a free 3-year personal plan. Get started by visiting Keepersecurity.com/SharedSecurity
SLNT
Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.
Click Armor
To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity
** Subscribe and follow the show **
Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/
Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D
Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
Contact us: https://sharedsecurity.net/contact
Website: https://sharedsecurity.net
YouTube: https://www.youtube.com/c/SharedSecurityPodcast
The post LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems appeared first on The Shared Security Show.