Tel: (+61) 422 933 319

Email: [email protected]


Lapsus$ breach

Lapsus$: Microsoft and Okta “breaches”

Lapsus$: Microsoft and Okta “breaches”:

When our children start being involved in masterminding cyber “breaches”, the methods change……….

Microsoft and Okta were attacked in the same way as my 9 year old daughter uses when she wants more Roblox time……. 30-40 messages in short succession until I relent (or I put imessage into silent mode), imagine ๐Ÿฅน๐Ÿฅน๐Ÿฅน 30 times one after the other flooding your text message inbox ….. An MFA attack with a difference, nothing smart just annoying.

Social engineering now takes a new form, the annoyance factor to compel someone into accepting a request.

A really horrible thought that the small “groups” of children/teens who cause problems in cities around the world now extends to the bedroom and keyboard warriors and the cyber space, but it is a logical one – there is much more money to be made in cyber crime than antagonising and fighting adults on the street.

Is the next hiring trend in cyber security, our children/teens because they are the next generation of cyber criminals and have new ways of causing chaos that we just can not comprehend yet?

https://arstechnica.com/information-technology/2022/03/lapsus-and-solar-winds-hackers-both-use-the-same-old-trick-to-bypass-mfa/

There is much more detail coming to light about this breach and it is great information on incident response, great job to OKTA on that part of this situation. I hope the PR side gets up to speed rapidly as well.

Terminate the EDR agent and you are in

6 responses

  1. kicksec.IO Avatar

    And the final analysis is in… cheap tricks and social engineering win over Microsoft, Okta et al: https://krebsonsecurity.com/2022/04/the-original-apt-advanced-persistent-teenagers/

Leave a Reply

Your email address will not be published. Required fields are marked *

Registration

Forgotten Password?