May 20, 2022

Westside People

Complete News World

Microsoft confirms it was hacked by hacker group Lapsus $

Microsoft confirms it was hacked by hacker group Lapsus $
at Blog post Late Tuesday, Microsoft said that $Lapsus had breached one of its accounts, resulting in “limited access” to the company’s systems but not the data of any Microsoft customers.

“Our cybersecurity response teams were quickly engaged in addressing the compromised account and preventing further activity,” Microsoft said in the post.

The revelation comes after Lapsus $claimed its credit for the settlement of Okta, the widely used digital identity management company. On Tuesday evening, following an investigation into those allegations, Octa I acknowledge that hundreds of its customers may have been affected by breach in january Associated with one of Okta’s outside contractors.
Lapsus$ previously claimed to have hacked chip giant Nvidia. nvidia Confirm a breach to CNN earlier this month following the $Lapsus claim.

Addressing allegations by $Lapsus that the group stole Microsoft’s source code, the tech giant said Tuesday that Microsoft’s approach to risk management means that owning the code won’t benefit hackers even if they gain access to it.

“Microsoft does not rely on code secrecy as a security measure, and displaying source code does not increase risk,” Microsoft said.

Microsoft added that the $Lapsus techniques it used in the attack on the company’s systems were consistent with those that Microsoft noted the group was using against other targets.

In the past, Microsoft has said, Lapsus$ has sought to steal individual user credentials to gain access to an organization or corporate network. Then, the group will comb through office collaboration tools like SharePoint, Teams, and Slack to discover other users on the network whose accounts can be targeted to deepen the hack.

See also  Elden Ring: New Zealand and the World Countdown

According to Microsoft, $Lapsus has been known to listen to conference calls from victims to discuss responding to the breach.

Microsoft described $Lapsus as having a sophisticated understanding of technological supply chains, the understanding of how to use the relationships of one organization or rely on another to its advantage. In addition to technology, communications and information technology support companies, Microsoft said, “$Lapsus targeting of government agencies, manufacturing, higher education, energy, retailers and healthcare was also noted.”