Now that everyone's heads have cooled down regarding the LastPass breach reports, I'd like to circle back to the incident and explore a few threads that were promptly ignored during the outrage that ensued. I specifically want to focus on the second incident.

A quick recap for those not familiar with the incident: the attacker compromised media software on a DevOps engineer's home computer. They installed a keylogger to sniff the master password, which gave them access to the Corporate Vault. This engineer was one of the four people to have access to this vault. This vault contained hard-coded AWS IAM access keys to download and decrypt backups on S3 (databases with customer data and more).

Following this disclosure (kudos to LastPass, by the way), almost every pundit jumped to the same conclusion: "Damn it, we should forbid personal devices from accessing corporate assets", "Companies need a strong Bring Your Own Device (BYOD) policy"…

BYOD this, BYOD that. As if that same scenario could not be replayed on a corporate laptop. What's stopping the attacker? An antivirus? An EDR?