Hot Topics
Data Security SBN News Security Bloggers Network Social Engineering Threats & Breaches 
SBN

LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems

by Tom Eston on March 28, 2022

The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1 million weekly downloads released a new tampered version to condemn Russia’s invasion of Ukraine by wiping arbitrary file contents.

** Links mentioned on the show **

LAPSUS$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta
https://thehackernews.com/2022/03/lapsus-hackers-claim-to-have-breached.html
https://blog.cloudflare.com/cloudflare-investigation-of-the-january-2022-okta-compromise/
https://www.okta.com/blog/2022/03/updated-okta-statement-on-lapsus/

New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable
https://thehackernews.com/2022/03/new-browser-in-browser-bitb-attack.html
https://mrd0x.com/browser-in-the-browser-phishing-attack/

Popular NPM Package Updated to Wipe Russia, Belarus Systems to Protest Ukraine Invasion
https://thehackernews.com/2022/03/popular-npm-package-updated-to-wipe.html

** Watch this episode on YouTube **

** Thank you to our sponsors! **

Keeper Security

Sign up for a free trial of Keeper Password Management for your organization today, and get a free 3-year personal plan. Get started by visiting Keepersecurity.com/SharedSecurity

SLNT

Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.

Click Armor

To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity

** Subscribe and follow the show **

Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/

Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D

Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe

Contact us: https://sharedsecurity.net/contact

Website: https://sharedsecurity.net

YouTube: https://www.youtube.com/c/SharedSecurityPodcast

The post LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems appeared first on The Shared Security Show.

*** This is a Security Bloggers Network syndicated blog from The Shared Security Show authored by Tom Eston. Read the original post at: https://sharedsecurity.net/2022/03/28/lapsus-hacks-okta-browser-in-the-browser-phishing-attack-popular-software-package-updated-to-wipe-russian-systems/

Tom Eston , , , , , , , , , , , , , , , , , , , , , ,