The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1 million weekly downloads released a new tampered version to condemn Russia’s invasion of Ukraine by wiping arbitrary file contents.
** Links mentioned on the show **
LAPSUS$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta
New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable
Popular NPM Package Updated to Wipe Russia, Belarus Systems to Protest Ukraine Invasion
** Watch this episode on YouTube **
** Thank you to our sponsors! **
Sign up for a free trial of Keeper Password Management for your organization today, and get a free 3-year personal plan. Get started by visiting Keepersecurity.com/SharedSecurity
Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.
To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity
** Subscribe and follow the show **
Join the Shared Security Community on Reddit: https://www.reddit.com/r/SharedSecurityShow/
Sign-up for our email newsletter to receive updates about the show, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D
Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
Contact us: https://sharedsecurity.net/contact
*** This is a Security Bloggers Network syndicated blog from The Shared Security Show authored by Tom Eston. Read the original post at: https://sharedsecurity.net/2022/03/28/lapsus-hacks-okta-browser-in-the-browser-phishing-attack-popular-software-package-updated-to-wipe-russian-systems/