Using AWS with LastPass... A major catastrophe! 30 million encrypted consumer vaults compromised

Currently reading
Using AWS with LastPass... A major catastrophe! 30 million encrypted consumer vaults compromised

Telos

Telos

Subscriber
Mentor Media Trophy Resource
4,078
1,398
NAS
DS4l8play, DS202j, DS3623xs+, DSM 7.3.3-25847
Although an initial intrusion into LastPass ended on August 12, officials with the leading password manager said the threat actor “was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activity” from August 12 to August 26. In the process, the unknown threat actor was able to steal valid credentials from a senior DevOps engineer and access the contents of a LastPass data vault. Among other things, the vault gave access to a shared cloud-storage environment that contained the encryption keys for customer vault backups stored in Amazon S3 buckets.
Click to expand...
Read on...
 
Ouch. A cardinal rule of thumb where I work is not to use my business computer for anything personal, and not to use my personal computer for anything work related.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Register

Log in

Already have an account? Log in here.

Similar threads

J
Is it safe to transfer files using Chrome remote desktop
Hello! Chrome Remote Desktop is generally safe, but there are always potential risks. To enhance...
Replies
1
Views
890
Laura
Laura
M
Remote access to DS218play's shared folders using QuickConnect timing out
Welcome to the forum. While testing this over your phone is that over GSM or WIFI?
Replies
1
Views
681
Rusty
Rusty
SynoMan
LastPass users targeted in phishing attacks good enough to trick even the savvy
Like C2 Password 🤣
Replies
3
Views
467
Telos
Telos

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Register

Trending threads

Back
Top