Breaches aren’t about breaking in anymore — they’re about buying in. In this Saturday Security Story, we look at the return of Scattered LAPSUS$ Hunters, their new Telegram activity, and an alleged SaaS supply-chain breach tied to Gainsight and Salesforce integrations impacting hundreds of organizations. But the most disturbing change? They’re openly recruiting insiders. For as little as $25,000, this group is offering to buy access to: * Okta * Microsoft SSO * VPNs * GitHub * Internal dashboards and screenshots No zero-days - No malware - Just people. This isn’t hypothetical — a CrowdStrike employee was recently fired for feeding this exact group. Top patterns: Stolen tokens. Trusted apps. Social engineering. Identity abuse. Your biggest security risk isn’t the perimeter anymore. It’s identity, access, and who you trust inside your environment. If you’re responsible for security, IT, or risk — this is a shift you can’t ignore. Like, subscribe, and share to keep this conversation going. https://socradar.io/blog/scattered-lapsus-hunters-gainsight-breach/ https://www.linkedin.com/feed/update/urn:li:activity:7404905350488932352/
No comments:
Post a Comment