LastPass was compromised twice last year by the same actor, once in late August 2022 and again on November 30, 2022. On Wednesday, the global password manager company released a report with new findings from its security incident investigation as well as recommended actions for affected users and businesses. As per LastPass, the hacker first gained access to a software engineer’s corporate laptop in August.
The first attack was critical because the hacker was able to use information stolen by the threat actor during the initial security incident. The bad actor then launched the second coordinated attack by exploiting a vulnerability in a third-party media software package. The second attack targeted the home computer of a DevOps engineer.
“The threat actor was able to capture the employee’s master password as it was entered after the employee authenticated with MFA and gained access to the DevOps engineer’s LastPass corporate vault,” detailed the company´s recent security incident report.
LastPass has validated that the attacker gained access to the company’s data vault, cloud-based backup storage containing configuration data, API secrets, third-party integration secrets, customer metadata, and all customer vault data backups during the second incident. The LastPass vault also includes access to the shared cloud-storage environment, which houses the encryption keys for customer vault backups stored in Amazon S3 buckets, which users ut
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: