Here are this week’s highlights in cybersecurity:
- Lapsus returned from their “vacation” with a new leak. This time they published 70GB of data from software service company Globant. More
- Ronin Network which runs Axie Infinity suffered a hack. A hacker stole over $600m in cryptocurrency. More
- A security researcher released parts of the Mandiant report investigating the Okta breach. Apparently the attacker found an Excel document with Domain admin passwords (a sticky note on the monitor would have been better). Before exfiltrating that document, attackers performed Bing searches from the compromised machine and downloaded offensive security tools from GitHub, including a pre-built exploit to escalate privileges (CVE-2021-34484) and the well known credential dumping tool, mimikatz. More
- Purple Fox threat actor delivers upgraded malware via trojanized software packages. More
- Chinese hackers try to obtain PII & credit card data using phishing and copies of popular online brands. More
- Okta acknowledged they made a mistake handling the Lapsus$ incident and released a detailed timeline. More
- Kaspersky was added to the Security Risk List by the FCC. Companies on the list are banned from purchasing components from US companies without government approval. More
Don’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.
