28.02.2023., 11:10
|
#122
|
|
McG
Datum registracije: Feb 2014
Lokacija: Varaždin
Postovi: 8,007
|
Friški nastavak LastPass sage ...
Citiraj:
Citiraj:
|
The company has now disclosed how the threat actors performed this attack, stating that they used information stolen in an August breach, information from another data breach, and a remote code execution vulnerability to install a keylogger on a senior DevOps engineer's computer. As only four LastPass DevOps engineers had access to these decryption keys, the threat actor targeted one of the engineers. Ultimately, the hackers successfully installed a keylogger on the employee's device by exploiting a remote code execution vulnerability in a third-party media software package. As part of today's disclosure, LastPass has released more detailed information on what customer information was stolen in the attack. Depending on the particular customer, this data is wide and varied, ranging from Multifactor Authentication (MFA) seeds, MFA API integration secrets, and to Split knowledge component (“K2”) Key for Federated business customers.
|
|
Ukratko, pokradeno im je sve moguće.  
__________________
AMD Ryzen 9 9950X | Noctua NH-U12A chromax.black | MSI MAG B650 Tomahawk Wi-Fi | 128GB Kingston FURY Beast DDR5-5200 | 256GB AData SX8200 Pro NVMe | 2x4TB WD Red Plus | Fractal Define 7 Compact | Seasonic GX-750
AMD Ryzen 5 7600 | Noctua NH-U12A chromax.black | MSI MAG B650 Tomahawk Wi-Fi | 128GB Kingston FURY Beast DDR5-5200 | 256GB AData SX8200 Pro NVMe | 2x12TB WD Red Plus | Fractal Define 7 Compact | eVGA 650 B5
|
|
|