The Analyst Prompt #06: Racoon Stealer Development Hiatus, Updates on LAPSUS$ and North Korean State Backed Operations

Threat Actor Update: LAPSUS$ Compromises Highlight the Effectiveness of Insider Threats

Extortion group LAPSUS$ announced in March it compromised Okta (1), a widely used identity and access management provider, and Microsoft (4). LAPSUS$ claimed to have “superuser/admin” access to Okta and that it had accessed customer data (2). Okta suspects LAPSUS$ gained access to a support engineer’s laptop between 16th and 21st January 2022 (1). The data of approximately 2.5% of Okta’s …

analyst development intelligence research malware north operations racoon state stealer threats and vulnerabilities updates vulnerabilities