In the first incident, reported in August 2022, a threat actor was able to steal credentials from a software engineer’s corporate laptop and gain access to a cloud-based development environment and steal source code, technical information, and certain LastPass internal system secrets. LastPass recently released an update on two security breaches that occurred from August through October 2022. LastPass, Security Incident Update and Recommended Actions, MaAttack Overview “ Our investigation has revealed that the threat actor pivoted from the first incident, which ended on August 12, 2022, but was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activities aligned to the cloud storage environment spanning from Augto October 26, 2022.” LastPass Security Incident Update and Recommended Actions LastPass Security Bulletin: Recommended Actions for LastPass Business Administrators LastPass contained and eradicated threat actor activity LastPass Notice of Recent Security Incident The first incident occurred and was detected.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |