Last Pass breach
In this episode of the Security Squawk podcast, the hosts analyze the latest cybersecurity incident with LastPass. LastPass, a popular password manager, suffered a data breach in August 2021. The company initially reported that the attackers had gained access to the backup server, but not the encrypted vaults containing user passwords. However, a recent update reveals that the attackers were able to obtain valid credentials for a senior DevOps engineer, giving them access to LastPass' data vault, among other things. The vault contained encryption keys for customer vault backups stored in Amazon S3 buckets. It is unclear whose vaults have been compromised, but the incident highlights the risks associated with remote work and the need for stronger security measures.
Ransomware attack on US Marshal Service
In this episode, the speakers also discuss the ransomware attack which hit the US Marshal Service. The attack targeted systems that contain sensitive law enforcement information, administrative information, and personally identifiable information. It is not known if it was a targeted attack, but it is believed that the attacker exfiltrated data before the attack. It is unlikely that they will turn over the keys for the ransom, especially after the FBI's recent successful takedown of Hive. Additionally, News Corp was breached over a year ago, and employees are only now being notified. It is believed that the Chinese government was behind the attack, and some personal information was compromised. The affected parties are being offered two years of free identity protection and credit monitoring.
GoDaddy Security breach
Further, the hosts discuss a series of security breaches that have recently occurred at GoDaddy, including spear phishing attacks and compromised passwords that have resulted in the theft of sensitive information belonging to thousands of customers. Despite being labeled as the work of "sophisticated threat actors," the author argues that most hacking attacks rely on con artistry and psychological tactics, rather than technical know-how. The article also highlights the importance of domain privacy and the risks associated with transferring domain names to unverified individuals.