To get started, open your LastPass vault, and To share work related passwords with LastPass Business, you will create a shared folder, add passwords to the shared folder, then share the folder with your colleagues. 24, though it’s unknown if the Plex incident is related to the LastPass incident.LastPass Business allows SHSU employees to share work related sign in credentials with each other in safe and secure manner.
The December update followed one in November on the August incident that said “certain elements of our customers’ information” was accessed, but added that customers’ passwords remained safely encrypted due to its Zero Knowledge architecture.Īrs Technica reported that the third-party media software was Plex, which reported a network intrusion of its own on Aug. The February update by LastPass follows another significant update to the incident in December, when it shared that an unknown threat actor accessed a cloud-based storage environment leveraging information obtained from the August incident.
The bad actor was able to capture the employee’s master password using the keylogger malware after the employee authenticated with MFA to gain access to the engineer’s LastPass corporate vault. 12 by targeting one of the engineers’ home computers by exploiting a vulnerable third-party media software package and gained remote code execution capability (RCE) to install a keylogger. Eventually, AWS GuardDuty Alerts informed LastPass of “anomalous behavior as the threat actor attempted to use Cloud Identity and Access Management (IAM) roles to perform unauthorized activity.”īecause the cloud-based storage services were encrypted - notably AWS S3 buckets - and only four DevOps engineers had access to the decryption keys, the threat actor made quick use of the stolen credentials after Aug. Since the threat actor used valid credentials to access the cloud-based storage resources, it made it difficult for investigators to differentiate between threat-actor and legitimate activity. 12, 2022, but the threat actor “was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activities aligned to the cloud storage environment spanning from Augto October 26, 2022.” 27 update to the security incident, the password manager firm said it had high confidence the first incident ended Aug. LastPass said an engineer’s home PC was hacked after an August security incident, which allowed the threat actor to later access decryption keys needed to access the DevOps engineer’s corporate vault and exfiltrate data from cloud-storage resources.
0 kommentar(er)
