Tech giant Microsoft and secure identity platform Okta have both joined the ranks of high-profile organizations that have recently fallen victim to the Lapsus$ extortion gang.
Microsoft says that the group gained only limited access to their systems, while Okta has confirmed that nearly 375 (about 2.5%) of their customers may have had their data compromised in the attack.
Lapsus$ has been observed using the RedLine infostealer to obtain session tokens and user credentials, as well other methods like dark web marketplaces and code repositories. Once they've gained a foothold in a network, they will attempt to elevate privileges and exfiltrate data.
The AI-powered and behavioral detection engines in Acronis Cyber Protect reliably identify and block RedLine and other malicious tools popular amongst cybercriminals, keeping your systems and data safe from attackers.