Articles about Lapsus$

More and more organizations are enrolling users in Multi-Factor Authentication (henceforth referred to as MFA) wherein a secondary form of authentication takes place following a user inputting their credentials into a service to ensure a user is who they say they are. It’s an added layer of security and authentication that can help prevent compromise. But this isn’t bulletproof.

Recently a few blog posts and papers have begun to come out detailing a bypass technique known as "MFA bombing", "MFA Fatigue", "Push Notification Spamming", and many other terms, detailing high-profile threat actors such as LAPSUS$ who have abused the technique to gain access to otherwise protected areas. The technique was one we at Lares (and other red teams!) have used with overwhelming success in the past. We know it as Push Fatigue.

Continue reading →

Microsoft has confirmed reports that it was hacked by the Lapsus$ extortion group, also known as DEV-0537. While admitting that the hackers managed to steal source code, the company is simultaneously trying to downplay the incident.

Lapsus$ shared a 37GB archive online containing partial source code for Cortana and Bing, but Microsoft insists that no customer data was compromised. The company says that "our investigation has found a single account had been compromised, granting limited access."

Continue reading →

Microsoft is conducting an investigation after data extortion group Lapsus$ claimed to have hacked the company and stolen data.

In a leaked screenshot, the hackers brag about gaining access to an Azure DevOps repository which is home to source code for all manner of Microsoft projects including Bing and Cortana. Having already hacked the likes of Samsung, NVIDIA and Vodafone, the claims made by Lapsus$ are entirely feasible, but for now Microsoft is saying nothing about what -- if anything -- has been stolen.

Continue reading →

Samsung appears to have fallen victim to a serious security breach if the leaks from data extortion group Lapsus$ are anything to go by.

Amounting to a colossal 190GB of data, the group says it has in its possession Samsung source code and other confidential company data. It is just days since the Lapsus$ claimed responsibility for a hack that resulted in data being stolen and leaked from data stolen from GPU chipmaker NVIDIA.

Continue reading →