Here are this week’s highlights in cybersecurity:
- Enterprises are on high alert as the Lapsus$ group seems to have hacked Okta. The group posted screenshots on their Telegram channel showing admin access to a variety of tools. According to the same channel, the group focused on Okta’s customers. Okta confirmed a cybersecurity incident which happened in January. Apparently 2.5% of their customers might be affected. Today the group leaked domain hashes for LGE.com and 37GB of Bing & Cortana source code belonging to Microsoft. Other recent victims of the hacker group are Nvidia, Samsung, Vodafone & Ubisoft. More
- CISA released a list of recommendations to protect against potential cyberattacks. More
- Another Conti ransomware source code leak. The code was last updated in January 2021 and it compiles easily. Other hacker groups will probably adopt it, as happened with previous leaks. More
- An older phishing technique is getting popular. It’s called “Browser in the Browser” and it’s basically a pop-up that spoofs a browser window. Templates are free to download and can be incorporated in your red-teaming campaigns. More
- Time to update your printer. HP published an advisory about a Buffer Overflow vulnerability in some of their printers. Attackers exploiting this obtain Remote Code Execution. More
- Several improvements were made to modernize Linux’s Random Number Generator. More
- A tutorial on escalating privileges to Domain Admin using Unconstrained Delegation. More
- Are NFTs really non-fungible? Per ERC-721 they usually aren’t. Read about NFT security. More
- US charges Russian hackers over industrial attacks in the energy sector. More