was accomplished by targeting the DevOps engineer’s home computer and exploiting a vulnerable third-party media software package, which enabled remote code execution capability and allowed the threat actor to implant keylogger malware.
Listen now – Learn more! /0DFb4wALhiĬoinbase’s luckless employee got phished, but LastPass’s luckless developer apparently got keylogged, with the crooks exploiting an unpatched vulnerability to get their foothold:
“As simple as the attack was, it would be a bold company that would claim that not one of their users, ever, would fall for this kind of thing…” LastPass now thinks it has the answer, and though it’s a bad look for the company to get pwned in this way, we’ll repeat what we said in last week’s podcast promo video in respect of the recent Coinbase breach, where source code was also stolen: (The word pivot in this context is just a jargon way of saying, “Where the crooks went next.”) The burning question, it seems, was, “How was that pivoting possible, given that the needed access credentials were locked up in a secure password vault to which only four developers had access?” The threat actor pivoted from the first incident, which ended on, but was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activities aligned to the cloud storage environment spanning from to. In LastPass’s case, the initial breach was immediately followed, as the company now says, by an extended period of attackers poking around elsewhere looking for additional cyberbooty: …well, you simply can’t be sure what they didn’t do with it. You know what you know, because there’s broken glass on the kitchen floor and a console-shaped gap where your beloved PlayBox-5/360 games device used to be.īut you don’t know, and you can’t easily figure out, what you don’t know, such as whether the crooks diligently scanned-but-replaced all the personal documents in your desk drawer, or took good-quality photos of the educational certificates on the wall, or found copies of your front door key that you’d forgotten you had, or went into your bathroom and used your toothbrush to… As we’ve previously described, LastPass spotted, in August 2022, that someone had broken into their DevOps (development operations) network and run off with proprietary information, including source code.īut that’s a bit like coming back from vacation to find a side window smashed and your favourite games console missing, with nothing else obviously amiss.
0 kommentar(er)
