How did the crooks get in, given that the needed access credentials of 4 developers at LastPass were locked up in a secure password vault to which only four developers had access?

“[Access to the vault password] was accomplished by targeting the DevOps engineer’s home computer and exploiting a vulnerable third-party media software package, which enabled remote code execution capability and allowed the threat actor to implant keylogger malware. The threat actor was able to capture the employee’s master password as it was entered, after the employee authenticated with MFA, and gain access to the DevOps engineer’s LastPass corporate vault.”

Why was there apparently no requirement for 2FA to open the corporate vault, in addition to the 2FA used when the employee first authenticated? Why was the third-party software not updated?