Lapsus$ Attacks: Microsoft Says Group Pays Employees For Initial Access; Okta Provides Attack Timeline
Microsoft acknowledges Lapsus$ accessed source code, downplays risk to customers and risk of elevation Lapsus$ uses extensive social engineering, including paying victims’ employees for initial access and convincing help desks to reset credentials Group uses VPNs, RDP, VDI and identity providers such as Azure AD, Okta in attacks Okta says 2.5% of customers potentially impacted […]