![]() ![]() ![]() “Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software,” said T-Mobile. ![]() In response to the incidents, T-Mobile shared the following statement with KrebsOnSecurity: As some of the gang members argued over whether to focus on the SIM swapping tactic, one person used the access to run an automated script that downloaded more than 30,000 source code repositories from T-Mobile. Using T-Mobile VPN credentials purchased on the dark web, the Lapsus$ members were able to gain access to Atlas, a T-Mobile tool for managing customer accounts, according to KrebsOnSecurity. New Malware Targets 97 Browser Variants, 76 Crypto Wallets & 19 Password Managers How Generative AI is a Game Changer for Cloud Security SEE: Mobile device security policy (TechRepublic Premium) Must-read security coverageĨ Best Penetration Testing Tools and Software for 2023Ħ Best Cybersecurity Certifications of 2023 Known as SIM swapping, this tactic reassigns a phone number to a device owned by the attackers, allowing them to intercept text messages and phone calls for password resets and multi-factor authentication codes. In a post from Friday, security site KrebsOnSecurity revealed leaked chat messages between members of the Lapsus$ gang in which they discussed targeting T-Mobile employees with social engineering tactics designed to give them access to a victim’s mobile phone number. T-Mobile was the victim of a series of data breaches carried out by the Lapsus$ cybercrime group in March. Through multiple breaches, the Lapsus$ cybercriminal group was able to steal source code from T-Mobile, says KrebsOnSecurity. T-Mobile hit by data breaches from Lapsus$ extortion group ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |