Advanced Persistent Teenagers: Understanding the Lapsus$ Playbook
Benjamin Hering
BSidesSF 2024 · Day 1
This talk, "Advanced Persistent Teenagers: Understanding the Lapsus$ Playbook," delivered by Benjamin Hering, delves into the tactics, techniques, and procedures (TTPs) employed by the notorious Lapsus$ hacking group. Hering, who works for Saildrone, a company specializing in uncrewed marine vessels, uses the analogy of aviation safety's evolution to highlight the critical need for understanding root causes in cybersecurity incidents. The presentation is largely based on the Cyber Safety Review Board (CSRB) report, a comprehensive analysis of Lapsus$'s activities.
AI review
This talk dissects the Lapsus$ playbook with brutal clarity, demonstrating how a group of 'advanced persistent teenagers' leveraged basic social engineering and common misconfigurations to breach major enterprises. The speaker provides concrete examples from Uber, Okta, and Cisco, detailing the initial access vectors, privilege escalation paths, and data exfiltration techniques. Crucially, it moves beyond just describing the attacks to offering actionable, technically sound defensive strategies that cut through the marketing fluff.