The LastPass Hack Somehow Gets Worse

Chinese hackers proved themselves to be as prolific and invasive as ever this week with new findings revealing that in February 2022, Beijing-backed hackers breached the email server of the Association of Southeast Asian Nations, an intergovernmental body of 10 countries in Southeast Asia. The security alert, first reported by WIRED, comes as China has stepped up its penetration in the region amid heightened tensions.

Meanwhile, with Russia facing economic sanctions over its invasion of Ukraine, the Kremlin has been trying to address gaps in its technology sector. Now, we’ve learned, it’s having a hard time getting a homegrown Android phone off the ground this year. The National Computer Corporation, a Russian IT giant, says that it will somehow produce and sell 100,000 smartphones and tablets by the end of 2023. Although Android is an open source platform, there are steps that Google can take to restrict licensing for the new Russian device, which may eventually force the project to search for a different mobile operating system.

At the Distributed System and Network Security Symposium in San Diego this week, researchers from Ruhr-University Bochum and the CISPA Helmholtz Center for Information Security presented findings that DJI’s popular quadcopters communicate using unencrypted radio signals that can be intercepted to determine the location of drones, as well as the GPS coordinates of their operators. The researchers discovered the exposed communications by reverse engineering DJI’s radio protocol, DroneID.

In the United States, the long-awaited National Cybersecurity Plan finally emerged from the White House on Thursday. It focuses in part on familiar priorities such as strengthening defenses for critical infrastructure and expanding efforts to disrupt cybercriminals. But the plan also includes a proposal to shift legal responsibility for security vulnerabilities and failures onto companies that cause them, such as software makers or organizations that don’t make a reasonable effort to protect sensitive data.

If you want to do something good for your internet hygiene this weekend, we’ve got a roundup of the most pressing software patches for you to download ASAP. Seriously, install them now; we’ll be waiting here.

And there’s more. Each week, we round up the security news we didn’t cover in depth ourselves. Click on the headlines to read the full stories, and stay safe out there.

In December, password manager LastPass revealed that the August breach it disclosed at the end of November was worse than the company originally thought, compromising encrypted versions of some users’ password vaults, as well as other personal information. Now, the company has revealed a second incident that began in mid-August and allowed attackers to infiltrate the company’s cloud storage and exfiltrate sensitive data. Attackers gained such extraordinary access by targeting a specific LastPass employee with deep system privileges.

“This was achieved through targeting [a] DevOps engineer’s home computer and exploiting a compromised third-party media software package, which enabled remote code execution capability and allowed the threat actor to plant keylogger malware,” LastPass wrote in a situation report. “The threat actor managed to obtain the employee’s password as it was entered, after employee authentication with MFA, and access the company’s LastPass vault for the DevOps engineer.”

