However, the exploited vulnerability was almost three years old and had already been patched, per Plex. While LastPass said that hackers exploited a vulnerability on a “third-party media software package” on the engineer’s computer to plant the keylogger, PCMag recently learned that the target was Plex Media Server software. The popular password manager said that threat actors used information obtained from an earlier hack in August, in combination with access credentials gleaned from a keylogger that was installed on the DevOps engineer’s computer, to break into LastPass’s cloud-based storage and steal customer data.Īccording to a report from PCMag, however, the whole thing could have been avoided entirely - or at least delayed - if the employee in question had simply installed a software update. ![]() Earlier this week, LastPass disclosed that a major security breach last year that saw hackers steal customers’ encrypted password vaults, personal information, and more was orchestrated by installing malware on one employee’s home computer.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |