The post shows that the hacker against LastPass was resourceful and persistent, but also that LastPass was not treating its own crown jewels with the serious security practices it should have. In there, the hacker stole the keys needed to access “LastPass production backups, other cloud-based storage resources, and some related critical database backups,” the blog reads. From here, the hacker installed a keylogger, captured the engineer’s master password, bypassed the company’s multi-factor authentication protections, and accessed the corporate vault. The hackers did this by exploiting a vulnerability in a third-party media software package, which Ars Technica later reported to be Plex. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or hackers managed to access LastPass’ corporate vault by targeting the home computer of one of four engineers who had access to decryption keys needed to access cloud data storage where sensitive information was kept. “Our investigation has revealed that the threat actor pivoted from the first incident, which ended on August 12, 2022, but was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activities,” LastPass wrote.ĭo you know anything else about the LastPass breach? We'd love to hear from you. On Monday, LastPass published a blog post which provided more information on that breach, which it is now calling “Incident 2,” because the hacker leveraged its initial access to then steal data.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |