"6 Ways to Protect Your Organization Against LAPSUS$"

Researchers at Microsoft are urging businesses to educate employees on the type of social engineering attacks used by hacking group DEV-0537 (LAPSUS$) and strengthen their security posture.  The hacking group DEV-0537, also known as LAPSUS$, operates globally using a pure extortion and destruction model without deploying ransomware payloads.  The researchers noted that, unlike other social engineering attackers, DEV-0537 publicly announces its attacks on social media and pays employees for login credentials and multifactor authentication (MFA) approval.  In the past, the group has also used SIM-swapping to facilitate account takeovers, targeted personal employee email accounts, and intruded on crisis-communication calls once their targets have been hacked.  The researchers noted that with some education on DEV-0537’s known tactics and strong cyber hygiene, businesses can guard themselves against future social engineering attacks.  The researchers pointed out six ways to help protect against becoming a victim of LAPSUS$: require healthy and trusted endpoints, leverage modern authentication options for VPNs, strengthen and monitor your cloud security posture, improve awareness of social engineering attacks, and establish operational security processes in response.  

Dark Reading reports: "6 Ways to Protect Your Organization Against LAPSUS$"