[MART] - Daily Diary #481 - Lapsus$ Claims A New Attack On Globant
CTAS-MAT
ctas-mat at appgate.com
Wed Mar 30 20:36:15 UTC 2022
Hello,
I hope everyone is doing well!
Below is the entry for today.
03/30/2022 - Diary entry #481:
Covered recently by multiple of our Daily Diaries, Lapsus$ is a cybercrime gang responsible for leaking source codes and sensitive data from Samsung, Nvidia, Okta, and other high-profile targets. Last week, on March 24th, London police arrested seven members accused of having connections to Lapsus$.
After the London police operation, we were expecting Lapsus$ remaining members to retire or to go dark. However, as Lapsus$ posts suggest they are a group of people from multiple countries, they resumed their activities on their Telegram channel. Although nothing about the arrests was addressed, Lapsus$ instead announced yesterday, on March 29th, their return after a "vacation" and posted a new leak exposing the software services company Globant.
In this new breach, Lapsus$ exposed admin's weak-password credentials being re-used among Globant's platforms such as Github and Atlassian's Crucible, Jira, and Confluence. Then, they shared a torrent file containing around 70 GB of customers' source code. Today, one day after the leak, Globant confirmed in a press release that some of the company source code has been exposed to an unauthorized party.
This new breach shows that the Lapsus$ group remains fully operational, meaning that organizations worldwide should reinforce their security practices by adopting a Zero Trust approach to contain and minimize the damage of this kind of attack.
Kind Regards,
[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>
[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/> [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity> [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>
Felipe Tarijon de Almeida
Malware Analyst
Appgate
E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220330/95456988/attachment.htm>
More information about the MART
mailing list