February 28, 2023

LastPass says employee’s home computer was hacked and corporate vault taken

“This was accomplished by targeting the DevOps engineer’s home computer and exploiting a vulnerable third-party media software package, which enabled remote code execution capability and allowed the threat actor to implant keylogger malware,” LastPass officials wrote. “The threat actor was able to capture the employee’s master password as it was entered, after the employee authenticated with MFA, and gain access to the DevOps engineer’s LastPass corporate vault.”

The hacked DevOps engineer was one of only four LastPass employees with access to the corporate vault. Once in possession of the decrypted vault, the threat actor exported the entries, including the “decryption keys needed to access the AWS S3 LastPass production backups, other cloud-based storage resources, and some related critical database backups.”

Plex Media Server -> DevOps engineer’s laptop -> cloud credentials -> LastPass database 

Nice! That’s a really cool supply chain exploit chain. This sort of attack vector has been discussed for decades. It’s exciting to see it finally discovered in the wild.

I’m very curious how they located the engineer to hit his Plex. Was it opportunistic? They were hacking Plex servers and happened to get into this one, and when they dug deeper they got lucky? Was the engineer discovered via some extreme reconnaissance OSINT-fu? I’m so curious!

-

The camera shy hoodie

Use strobing IR LEDs embedded in a hoodie to stop CCTVs from capturing your face.

Similar concept, but using a baseball cap

-

Chinese defence boffins ponder microwaving Starlink satellites to stop surveillance

The thrust of the paper is simple: Starlink's already huge constellation of satellites means it has occupied plenty of orbital and spectrum resources without detailing the disposition of its fleet, and China needs to get its own satellites up there ASAP if it wants to enjoy the same strategic advantages the USA derives from having SpaceX based on its soil.

-

Using HDMI radio interference for high-speed data transfer
