A new cybercrime outfit that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their data, and offering to delete it and provide a full report on how and what vulnera… Continue reading RansomHouse: Bug bounty hunters gone rogue?
Cybercriminals often specialize. An extortion effort usually begins with a person or a team selecting targets in one of two ways: either they get a request from an extortionist or they just find their own victim to sell access to. Attackers pick victim… Continue reading Taking the right approach to data extortion
Brian Krebs has a detailed post about hackers using fake police data requests to trick companies into handing over data.
Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request appears to come from an email address connected to an actual police department domain name.
But in certain circumstances – such as a case involving imminent harm or death – an investigating authority may make what’s known as an Emergency Data Request (EDR), which largely bypasses any official review and does not require the requestor to supply any court-approved documents…
Even after the arrests, the group has released more stolen data.
International IT and software development firm Globant has confirmed that an increasingly-notorious cybercrime gang breached its network and stole intellectual property and passwords.
Read more in my article on the Hot for Security blog. Continue reading LAPSUS$ hacks Globant. 70GB of data leaked from IT firm
The FBI is calling on members of the public to help it uncover members of an increasingly-notorious cybercrime gang. Continue reading FBI adds LAPSUS$ data extortion gang to its “Most Wanted” list
British police arrested seven people earlier this week in relation to a wave of attacks launched by the LAPSUS$ hacking group, against firms such as Microsoft, NVIDIA, Ubisoft, Samsung, and Okta.
The hacking group’s alleged mastermind? A 16-year-ol… Continue reading Optimistic father of LAPSUS$ hacking suspect says he’s going to try to stop him using computers
Recent claims by the cyber extortion gang have been validated by Okta and Microsoft: Lapsus$ have managed to get their hands on some of Microsoft’s source code and have gained access to the laptop of a support engineer working for a third-party c… Continue reading Microsoft and Okta comfirm, detail impact of Lapsus$ gang’s attacks
After breaching NVIDIA and Samsung and stealing and leaking those companies’ propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta. Lapsus$ gang’s claims If Lapsus$’s assertions prove… Continue reading Lapsus$ gang says it has breached Okta and Microsoft
Cybercrime organization Lapsus$ posted suspicious screenshots. Microsoft officials said they are “aware of the claims and are investigating.”
The post Microsoft investigating hacking group’s claims of successful breach appeared first on CyberScoop.