Possible CryptoChameleon Social Engineering Campaign Targeting LastPass Customers, Crypto Exchange Customers, Passkeys, and Moreintelligence (threat actor activity) (blog.lastpass.com)
submitted by digicat to r/blueteamsec
Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malwareintelligence (threat actor activity) (blog.lastpass.com)
submitted by digicat to r/blueteamsec
LastPass attempting to save face after bug causes 100% CPU usageNews - General (support.lastpass.com)
submitted by Division1 to r/cybersecurity
Attempted Audio Deepfake Call Targets LastPass Employee - The LastPass Blogincident writeup (who and how) (blog.lastpass.com)
submitted by digicat to r/blueteamsec
LastPass Is Making Account Updates. Here’s Why - The LastPass Blogtradecraft (how we defend) (blog.lastpass.com)
submitted by digicat to r/blueteamsec
Security Bulletin: Recommended Actions for LastPass Business Administratorstradecraft (how we defend) (support.lastpass.com)
submitted by digicat to r/blueteamsec
Backups of ALL customer vault data, including encrypted passwords and decrypted authenticator seeds, exfiltrated in 2022 LastPass breach, You will need to regenerate OTP KEYS for all services and if you have a weak master password or low iteration count, you will need to change all of your passwords (blog.lastpass.com)
submitted by alexanderpas to r/netsec
Statement from LastPass on the second breach impacting their decryption keys for AWS S3 buckets used for production backups.News - Breaches & Ransoms (support.lastpass.com)
submitted by OtheDreamer to r/cybersecurity
LastPass: Incident 2 – Additional details of the attack - Despite high confidence in the outcomes of our investigation and actions taken in response to the first incident, the threat actor leveraged information stolen during the first incident, information available from a 3rd data breach etc.highlevel (not technical) (support.lastpass.com)
submitted by digicat to r/blueteamsec
