Summary

Top Articles:

  • LastPass: Keylogger on home PC led to cracked corporate password vault
  • LastPass: hackers breached the computer of a DevOps engineer in a second attack
  • LastPass was undone by an attack on a remote employee
  • LastPass attackers steal source code, no evidence users’ passwords compromised
  • CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog

CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog

US CISA added remote code execution vulnerability in Plex Media Server to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) vulnerability in the Plex Media Server, tracked as CVE-2020-5741 (CVSS score: 7.2), to its Known Exploited Vulnerabilities Catalog. The three-year-old high-severity flaw is a deserialization of […] The post CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.

...more

LastPass was undone by an attack on a remote employee

Published: 2023-03-01 01:45:00

Popularity: 70

Author: None

Keywords:

  • News
  • LastPass
  • remote
  • work
  • worker
  • VPN
  • media player
  • compromise
  • breach
  • AWS
  • cloud
  • storage
  • Categories: News Tags: LastPass Tags: remote Tags: work Tags: worker Tags: VPN Tags: media player Tags: compromise Tags: breach Tags: AWS Tags: cloud Tags: storage The attackers responsible for the LastPass breach compromised a remote worker's computer. (Read more...) The post LastPass was undone by an attack on a remote employee appeared first on Malwarebytes Labs.

    ...more

    LastPass: Keylogger on home PC led to cracked corporate password vault

    Published: 2023-02-28 02:23:16

    Popularity: 140

    Author: Paul Ducklin

    Keywords:

  • Data loss
  • breach
  • keylogger
  • LastPass
  • malware
  • Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn't say which one!) on a developer's home computer.

    ...more

    LastPass: hackers breached the computer of a DevOps engineer in a second attack

    Threat actors hacked the home computer of a DevOp engineer, they installed a keylogger as part of a sophisticated cyber attack. Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. Then the attackers […] The post LastPass: hackers breached the computer of a DevOps engineer in a second attack appeared first on Security Affairs.

    ...more

    LastPass attackers steal source code, no evidence users’ passwords compromised

    Published: 2022-08-26 14:03:07

    Popularity: 28

    Author: Graham Cluley

    Keywords:

  • Featured Articles
  • IT Security and Data Protection
  • cyberattack
  • data breach
  • LastPass
  • password
  • password manager
  • LastPass, the popular password manager used by millions of people around the world, has announced that it suffered a security breach two weeks ago that saw attackers break into its systems and steal information. But don’t panic just yet – that doesn’t mean that all of your passwords are now in the hands of internet […]… Read More The post LastPass attackers steal source code, no evidence users’ passwords compromised appeared first on The State of Security.

    ...more

    end