deneme bonusu
LastPass says employee's home computer was hacked to steal a decrypted vault | Insider Feeds %

LastPass says employee’s home computer was hacked to steal a decrypted vault




In brief: Password manager LastPass has revealed details of a breach last year that resulted in partially encrypted user login data being stolen. The company confirmed that the incident stemmed from a previous hack in August that enabled the hacker to steal credentials from a DevOps engineer’s home computer and obtain a decrypted vault.

In December, LastPass said it had detected unusual activity within an AWS cloud storage service that the organization and GoTo, the company formerly known as LogMeIn that acquired LastPass in 2021, share. It was determined that the hacker was able to gain access to “certain elements” of customers’ data. This was achieved using information acquired from the previous hack on LastPass in August.

LastPass revealed more details of the second incident yesterday. It writes that although the initial breach ended on August 12, the hacker “was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activity” from August 12 to August 26. The threat actor was able to steal credentials from a senior DevOps engineer during this period and access the company’s shared cloud storage, which contained the encryption keys for customer vault backups stored in Amazon S3 buckets.

Part of the attack involved the home computer of the engineer, one of only four with access to the decryption keys, being infected with a keylogger. This was achieved by exploiting a remote code execution vulnerability in a third-party media software package. Ars Technica writes that the software in question was the streaming media service/media player Plex.

“The threat actor was able to capture the employee’s master password as it was entered, after the employee authenticated with MFA, and gain access to the DevOps engineer’s LastPass corporate vault,” writes LastPass.

Back in August, just 12 days after the second LastPass incident began, Plex announced the discovery of suspicious activity in one of its databases and found that a third party had accessed a subset of data that included emails, usernames, and encrypted passwords. Whether this was linked to the LastPass breach is unclear.

LastPass has revealed a detailed list of everything accessed during the breaches. If you’re a user, changing the master password and all passwords in your vault would be a wise move.


Source link

Subscribe to our magazine

━ more like this

Understanding and Excelling in the HSC Short Syllabus in Bangladesh

Introduction: The Higher Secondary Certificate (HSC) Short Syllabus in Bangladesh has been introduced to overcome academic challenges and ensure effective learning. This comprehensive guide explores...

A Detailed Exploration of SSC Exam Routine 2024 in Bangladesh

Introduction: Embarking on the academic journey, the Secondary School Certificate (SSC) exam holds paramount significance for students in Bangladesh. This comprehensive guide navigates the intricacies...

A Comprehensive Guide to PESP Finance Gov BD

Introduction: In the intricate world of financial management, PESP Finance Gov BD emerges as a key player. This comprehensive guide explores the various aspects of...

Innovative Uses for Coffee Burlap Bags in Your Garden

Demystifying Coffee Burlap Bags Before we dive into their myriad uses, let's acquaint ourselves with coffee burlap bags. Made from robust natural burlap fibers, they're...

Unlocking the Benefits of Online Shopping with Credit Cards: Why OneCard Might Be Your Best Bet?

Indians are increasingly opting for online shopping over in-store purchases, with credit card transactions online outpacing those at physical Point of Sale (PoS) locations...