TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs
Coverage of incidents reported as linked to Lapsus, including attribution analysis, infrastructure, disruption efforts, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
Lapsus$ is a threat actor or intrusion set associated in public reporting with high-profile compromises, theft of corporate data and source code, and extortion through threats to disclose stolen information. Attribution can be difficult because the name may encompass activity by multiple individuals, so reporting should distinguish confirmed facts from claims made by the group or by investigators.
The material security concern is the exposure of identity and support processes: reported incidents have involved social engineering, compromised employee accounts, and access to cloud or development environments. Defenders should enforce phishing-resistant multifactor authentication where possible, tightly control help-desk account recovery, monitor unusual sign-ins and session use, and limit access to repositories and sensitive stores. If an intrusion is suspected, promptly preserve authentication and cloud logs, revoke sessions, rotate credentials and tokens, determine what data was accessed or removed, and assess privacy and notification obligations.
Weekly headline count for the current query.
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs
New phishing domains point to a campaign from the notorious Scattered Lapsus$ Hunters collective
Scattered Spider, ShinyHunters and LAPSUS$ have formed an enhanced coordinated threat network for extortion efforts
Scattered Lapsus$ Hunters may be preparing to launch an extortion-as-a-service model, according to Palo Alto Networks
The infamous BreachForums site has been taken offline again to disrupt Scattered Lapsus$ Hunters
JLR said it is investigating following claims by the actor “Scattered Lapsus$ Hunters” that it had stolen data from the firm and had issued an extortion demand
Arion Kurtaj was deemed not fit to stand trial
The CSRB proposed ten concrete recommendations for both governmental bodies and industries
Noose tightens around notorious cybercrime group
Individual may be linked to Lapsus$ group
The threat actor ‘teapotuberhacker’ could be linked to the Lapsus$ hacking group
Threat actor bombarded Uber contractor with 2FA requests
Authentication vendor completes investigation into incident
Duo are 16 and 17-years-old
Seven youngsters held in coordinated police operation
Firm confirms hackers accessed internal systems via RDP
Microsoft also admits it was hit by ransom group
Concerns rise that ransomware group used access to target customers
Lapsus group appears to have compromised new targets