“The threat actor was able to capture the employee’s master password as it was entered after the employee authenticated with MFA and gained access to the DevOps engineer’s LastPass corporate vault,” detailed the company´s recent security incident report. New Malware Targets 97 Browser Variants, 76 Crypto Wallets & 19 Password Managers How Generative AI is a Game Changer for Cloud Security Must-read security coverageĨ Best Penetration Testing Tools and Software for 2023Ħ Best Cybersecurity Certifications of 2023 The second attack targeted a DevOps engineer’s home computer. Exploiting a third-party media software package vulnerability, the bad actor then launched the second coordinated attack. The first attack was critical, as the hacker was able to leverage information the threat actor stole during the initial security incident. How the LastPass attacks happened and what was compromisedĪs reported by LastPass, the hacker initially breached a software engineer’s corporate laptop in August.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |