Hot News and Guides for Hunger Games

Tag: Data

Samsung and MS drilled hacker group Labs, attacking techniques

Microsoft has recently been chasing a hacker group ‘Lapsus (Lapsus $), which has been hacking several Global IT companies in recent months. Microsoft is also drilling to the rapist, search engine bing, artificial intelligence secretar Cotana, and the shawnest, which is a good reimbursement, as long as it is devoted to the Cotana Source Code.

When Microsoft gathered information so far, WrapRes showed a pattern of data effluent and greater accounting of data effluent and greater accounting of higher authority after internal reconnaissance.

In this process, we copied the social engineering to expose the attack destination to expose sensitive information, copying the cell phone with the target of the subject, and took the right of the target, the SIM swapping, such as the personal email hacking of the personal email hacking. In addition, it also shows that the company has achieved the process of recognizing the accident and discussing the countermeasures, and it also seemed to have a dense tactics that set up intimidation for victims.

■ MS “Recently, During Labors Tracking… Social Engineering Focusing Using”

Microsoft has released a “strategy” strategy and procedure (TTP) ‘of a lapus’ strategy (TTP) of Labors, which is grasped by its threat intelligence center (MSTic) through blogs on the 22nd (local time).

Lapters is a new hacker group that has a global large IT enterprise, such as NVIDIA, Samsung Electronics, LG Electronics, Microsoft, and Octa. Samsung Electronics hacked Galaxy source code from 190GB, and LG Electronics took about 90,000 employees email accounts and passwords. In addition, it invades the NVIDIA system to steal confidential data 1TB, including GPU circuitry, and has been holding the CONNATA SOWCO code from Microsoft.

There are not many known facts about lap states. The fact that you do not deploy the Ransomware, deodorizes the data purely, and initially started attacking the United Kingdom and South America, but now it has expanded its global target, but the other hacker group It is a feature that it is known that the effort to hide is not much, but it is not much to utilize social media.

The release of the TTP of Wraprisus is the first time Microsoft’s posting is the first time. According to the blog, the Microsoft Security Team has been actively tracking the “large-scale social engineering hacking and evil” acts in recent weekly WrapSs.

Tracking Social Engineering Using Mobile Phones ▲ SIM Swap for Account Deodoration ▲ Corporate Email Accounts for Attack Target Enterprise Email Accounts ▲ Credentials and Partnerships and Partners I have confirmed that it was used as a tactical tactics.

Especially, it is Microsoft’s analysis that LapSswes are making social engineering intensive efforts. “To collect operational information of a targeted company, we used employee, team structure, helpdesk, crisis response workflow, supply chain relationship, and so on.

For example, they also used a corporate helpdesk to reset their accounts, which showed that English is a native sender called caller, and a dense to obtain confidence in reciting the profile information that is collected in advance.

Microsoft said, “They have gained high access through the stolen account, took high access, deodorize the data, and evolve the data.” It shows that it is a crime. “

Lapsus$ Hacker Group Targets Samsung, Steals 190GB of Data
■ Step 1 Securing the initial approach

Microsoft said, “The attacker’s TTP and the infrastructure are constantly evolving,”, “and the TTP set observed to date.

These are the first attempt to corrupt the user ID to secure the authority to access the target company first.

Wraplites ▲ Malicious code for stealing passwords and session tokens ‘Red Line Stiller’ Deployment ▲ Distributed Creek in the underground Crime Forum ▲ Credentials or suppliers, and business partner employees, and Credential acquisition and MFA Approval ▲ A compromised account has secured a damaged account through a method such as leaked credential search.

When MFA security is used, the user was encouraged to agree to the MFA request through spam messages.

In some cases, I found additional credentials that can be used to hack personal email accounts for users (not related to work) and access corporate systems. Generally, it used that personal email was used for secondary authentication or password recovery.

In addition, a SIM swapping attack was also performed to access the user’s mobile. SIM swapping was able to pass through the certification that was done by mobile.

After obtaining the access right, the attacker’s system was connected to the corporate virtual company (VPN). In some cases, the system was registered or subscribed to the AD to meet the conditional access requirements.

■ 2-step reconnaissance and permissions rising

They use damaged accounts to obtain access to corporate networks, and after using multiple tactics to find additional credentials or intrusion points to expand access permissions.

They used ‘AD Explorer’ to look at all users and groups on the network, and verify that some accounts have higher rights.

Then, convulance, Zira, and the vulnerability of the flares for the right to rise.

In some cases, a help desk was used to reset accounts. “The first street that you lived is the first street” I have a lot of information on the Mother’s Marriage “account recovery, and took a lot of information on the recovery, and took a call to the helpdesk, and earn credibility and raise account rights. This tactic is that it is especially the explanation of Microsoft if the organization has given the ability to enhance authority to Help Desk staff.

■ Three-step leaks and rings

According to Microsoft, Wraplins operates a dedicated infrastructure in a virtual private server (VPS) vendor and utilizes node VPN as an ignore (traffic external to the server) points. In addition, it also conscious of detections such as ‘impossible travel’ that AD performs ‘impossible travel’, and also confirmed that geographically selected VPN exit points similar to attack targets. After this stomach, the sensitive data was downloaded to a VPN or a system connected to an AD.

In the outflow and evaluation stage, the noticeable act is that the business is watching the accident and watching the accident. Wraplospers saw the company’s crisis communication calls, internal bulletin boards (slack, teams, conference calls, etc.).

“To understand the workflow of the company ‘s accident response workflow, the attackers have grasped the location of the company for the infringement of the covenant ▲ ▲ ▲ the company’s perception of the accident ▲ to the accident ▲,” Microsoft said, “Microsoft explained.

Lapris has also demanded the stolen data to the hostage, and it also released stolen data publicly without money.

What is the corresponding method? “Simple MFA or phone certification is avoided”

Microsoft has also presented a way to prevent damage to the attack tactics of the lapus.

First, we recommended that “apply MFA for all infrastructure, including a trusted environment,” all infrastructure. “We have to use a FIDO token or a MS anxcentic cater, such as a more secure implementation, and have a SIM swapping risk, so the phone-based MFA method should be avoided.”

“Using an AD password protection, use a password that can be easily guessed, and use the password-free authentication method, such as Windows HEWELO, MS ancestry cater, and FIDO tokens, I had to reduce it. “

In addition, do not use a weak MFA element, such as a “text message (vulnerable to SIM swapping), simple voice approval, simple push, and subsidiary email addresses, but do not allow credentials or MFA elements sharing.”

Rumor: GTA V for PS5 and Series X

Grand Theft Auto, usually abbreviated GTA, is a series of video clip games produced by David Jones and Mike Daily, after that by the Brothers Dan as well as Sam Hostler, Leslie Menzies and also Aaron Gar but. Shown up in 1997, the series is primarily developed by the Scottish business Superstar North (previously MA Design), as well as released by Rock star Gaming. The name of the series is derived from the excellent Automobile Theft expression, which suggests automobile trip as well as is sometimes made use of in the cops’ jargon.
Many of the games of the series takes location in a fictitious city like Liberty City, Vice City, San Andreas or Los Santos, respectively designed from American cities as well as regions of New York, Miami, South The Golden State and Los Angeles. The series is usually the subject of polemics by its adult web content and its terrible themes.
The series is introduced by MA Layout in 1997; In 2015, it has an overall of sixteen games, including 4 extensions and online mode that can be comparable to video games in its very own right. Many stars and also artists offer their voice to the personalities of the series including Ray Gotta, Burt Reynolds, Dennis Receptacle, Samuel L. Jackson, Debbie Harry, Phil Collins, Pink AXL, and Peter Fonda.
In 2021, the franchise has greater than 350 million copies marketed all over the world, placing it in the fourth location of one of the most offered computer game series of perpetuity.

After a couple of delays, it is expected that GTA V is available at PS5 and Xbox Series X | S next March. However, a new report by a Data Miner has indicated that This title could move its release date once again.

OMG!..

According to information from Matheusbr9895, GTA V In the new consoles you are suffering from a series of problems . Thus, the Data Miner has pointed out that this improved version would arrive between April and May 2022, a couple of months after the expected. This was what he said:

Recently I recently received information about the game: Grand Theft Auto V: expanded and improved. The development was complicated. At the moment, it is still in March, but there are great possibilities that it is postponed for April / May, he commented.

As always, this is just a rumor, and At the moment there is no official information on the part of Rock star or Take-Two . However, we have already seen how this version of the game has been delayed on multiple occasions, so the chances that this happens again are not null.

If nothing changes, GTA v will reach PS5 and Xbox Series X | S in March 2022 . On related topics, GTA VI would arrive until 2024. In the same way, we already know what happened to Michael after the events of the game.

Editor’s note:

A delay would not be a surprise. However, it would be quite rare for a game that came to the market in 2013 is not yet available in the new consoles, especially considering that its launch in PS4 and Xbox One was almost immediate.

Powered by WordPress & Theme by Anders Norén