back to article Lapsus$ back? Researchers claim extortion gang attacked software consultancy Globant

Extortion gang Lapsus$ may to be back at work, despite the arrest of seven alleged operatives. VX-Underground – an organization that analyzes malware samples and trends – has shared evidence it states was sourced from security researcher Dominic Alvieri, detailing an intrusion of Luxembourg-based software development …

  1. sanmigueelbeer

    Anonymous successfully deletes 65 Tb of data from Rosaviatsia

    In other news, Anonymous successfully deletes 65 Tb of data from Russian Civil Aviation Authority (Rosaviatsia) sending their system back to basic, pen and paper.

    And no, there are no backups: No backup of these data exists due to lack of funds allocated by Russia's Ministry of Finance.

    1. Clausewitz 4.0
      Devil

      Re: Anonymous successfully deletes 65 Tb of data from Rosaviatsia

      Cyberwar, anyone? Remember aeroplanes have a lot of computer code.. Just saying..

  2. Doctor Syntax Silver badge

    It ought to be clear that by outsourcing you're increasing your attack surface. What might not be quite as clear is that if the outsourcer also outsources some aspect of its operations it's increasing your attack surface still further. What's entirely unclear is why a corporation in the business of managing clients' security doesn't recognise the significance of a security issue when it's pushed under their nose.

  3. Plest Silver badge
    Facepalm

    Bunch of "skiddies"!

    Lapdance or whatever they're called this week are nothing more than a bunch of skiddies. I hold no love for any of these dirtbags but at least some groups, nasty as they are, actually research and code their own malware using very clever ideas.

    1. Shepard

      Re: Bunch of "skiddies"!

      If even "skiddies" as you mockingly call them can hack NVIDIA, and some other major players in the IT industry, what can the state-sponsored entities do?

      They should be thanking Lapsus$ for exposing their piss poor security practices.

      That said, guessable admin passwords, admin password reuse, domain admin passwords in LastPass? WTF?!?

      Where is MFA? Hardware tokens? Smart cards?

      Oh I know, IT is just a cost center for beancounters, a go-to OU for budget cuts and outsourcing, at least until shit like this hits the fan.

      1. yetanotheraoc Silver badge

        Re: Bunch of "skiddies"!

        "domain admin passwords in LastPass?"

        Even better, in LastPass.xlsx. Totally not passwords, though.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like