Getty Images/iStockphoto

Risk & Repeat: Lapsus$ highlights poor breach disclosures

Listen to this podcast

This Risk & Repeat podcast episode examines two high-profile breaches by emerging threat group Lapsus$ and how Microsoft and Okta responded to these attacks.

This week's Risk & Repeat podcast discusses the emerging threat group Lapsus$, its hacks against Microsoft and Okta, and the persistence of poor breach disclosures.

Lapsus$ is a relatively new threat group that gained prominence when it publicly took credit for attacks against Nvidia and Samsung earlier this month. This prominence escalated when, this week, the gang claimed to have hacked authentication vendor Okta and tech giant Microsoft. All four companies confirmed breaches had occurred.

Microsoft's and Okta's breaches specifically raised questions and criticisms about how organizations disclose attacks. Microsoft placed its breach disclosure toward the bottom of a technical post about Lapsus$, while Okta released several statements and disclosures two months after an intrusion was initially detected at a third-party partner.

SearchSecurity editors Rob Wright and Alex Culafi discuss the latest news surrounding Lapsus$ in this episode.

Alexander Culafi is a writer, journalist and podcaster based in Boston.

Enterprise Desktop
  • Understanding how GPOs and Intune interact

    Group Policy and Microsoft Intune are both mature device management technologies with enterprise use cases. IT should know how to...

  • Comparing MSI vs. MSIX

    While MSI was the preferred method for distributing enterprise applications for decades, the MSIX format promises to improve upon...

  • How to install MSIX and msixbundle

    IT admins should know that one of the simplest ways to deploy Windows applications across a fleet of managed desktops is with an ...

Cloud Computing