![]() ![]() It also admitted that the hackers made off with a bunch of sensitive information, including its Amazon S3 buckets. When the company announced the second security breach in December, it said the bad actors used information obtained from the first incident to get into its cloud service. While the first incident ended on August 12th, the company said in its new announcement that the threat actors were "actively engaged in a new series of reconnaissance, enumeration, and exfiltration activities aligned to the cloud storage environment spanning from August 12th, 2022 to October 26th, 2022." ![]() If you'll recall, LastPass revealed in August 2022 that an "unauthorized party" gained entry into its system. This latest update in LastPass' investigation gives us a clearer picture of how the two security breach incidents it went through last year were connected. After they got in, they exported the vault's entries and shared folders that contained decryption keys needed to unlock cloud-based Amazon S3 buckets with customer vault backups. They implanted a keylogger into the software, which they then used to capture the engineer's master password for an account with access to the LastPass corporate vault. Apparently, the bad actors involved in those incidents also infiltrated a company DevOps engineer's home computer by exploiting a third-party media software package. LastPass has posted an update on its investigation regarding a couple of security incidents that took place last year, and they're sounding graver than previously thought.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |