News Week Ending June 12, 2022


How Lapsus$ Gains Access
by Artie Kaye

Even with the arrests made in the UK, Lapsus$ compromised the databases at Globant.  The current understanding of how the group gains access to companies is through their technological supply chain.  If a large company is doing business with a smaller one, Lapsus$ targets the smaller one to attempt to get credentials with the intent to gain access to the larger one.  A takeaway from this is to have security measures in place for your staff.  Social engineering is the number one method that hackers use to gain access to companies.

https://www.computerweekly.com/news/252515369/Lapsus-cyber-crime-spree-continues-despite-arrests

Browser-in-Browser Phising
bby Artie Kaye

Here’s some good news regarding a browser-in-browser phishing problem that has recently come to light.  For those who don’t know, someone devised a way of mimicking the login popups that you can find on pages like Facebook or Google.  The popup looks legitimate and even displays the proper web address.  It is devious in that it evades all the traditional methods for determining if it is authentic or not.  The good news is that two methods can help someone determine whether it is a real or fake request. The first is to right-click on the login window and try to inspect it in the browser.  If it is real, you should be able to have the website code come up when doing this.  If it’s fake, it may give a normal Windows program menu or no menu at all.  Also, if the login box can be dragged outside the browser window, it is fake. Testing these two things will help keep you secure.

https://www.bitdefender.com/blog/hotforsecurity/browser-in-the-browser-attacks-mimicking-authentication-pop-ups-are-now-possible-research-shows/