Unlike most activity groups that stay under the radar, DEV-0537 (LAPSUS$) doesn’t seem to cover its tracks. They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees of target organizations. DEV-0537 also uses several tactics that are less frequently used by other threat actors tracked by Microsoft. Their tactics include phone-based social engineering and SIM-swapping. #lapsus #cyber #windows #threats #microsoft #databreach #informatique

https://www.microsoft.com/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction