https://www.heise.de/news/Passwortmanager-LastPass-Hacker-scheinen-Kennworttresore-zu-knacken-9300583.html
#hack #Lastpass #sicherheit #datenschutz
Total gute Idee, seine Passwörter irgendeiner Firma in die Cloud zu laden.

Wow I’m so glad I’m not into crypto. The password manager stuff is also worrying, but less scary.

https://mstdn.social/@hkrn/111015398505280809

#Security #LastPass #Crypto

#LastPass appears to be forcefully upgrading members to 600,000 iterations. (Hoorah!)
#security #password

(I still need to get off LP though..)

@protectprivacy

Why is #Lastpass recommended? A company who should probably get an award for the number of #databreaches they have had.

#Lastpass
How to completely remove your data from LastPass's servers (eventually)
https://artifact.news/s/loqajH1t4Ew=

@skullvalanche

This was literally the first lesson in my #cryptography class. Determine K1 given this database.

The same thing happened to #Sony and #Playstation a few years ago, when they did the same thing and didn't alternate the master K value.

Does #Lastpass just code without #stackoverlow and #plex updates?

After years of loyal service, I finally said goodbye to #LastPass and said hello to the new and improved #BitWarden! It was a tough decision, but I'm confident I made the right call - the security threats were just too great to ignore. Here's to better, more secure things ahead!

#InfoSec #Privacy #OpSec

Don't think I need to say it but..

DO NOT USE #LastPass

They've screwed up more times then one can say sorry

UEFI Bootkit Successfully Hits Windows 11

Gmail Now Gets Client Side Encryption (for some folks), a UEFI bootkit targets Windows 11, and the LastPass just got even worse!

#ThreatWire #Hak5 #UEFI #Windows #LastPass

https://www.youtube.com/watch?v=t2RB6K1GcC0

#LastPass Employee Could've Prevented #Hack With a Software Update
The hacker exploited a vulnerability in the #Plex Media Server software that was patched in May 2020. 'The version that addressed this exploit was roughly 75 versions ago,' Plex says. https://www.pcmag.com/news/lastpass-employee-couldve-prevented-hack-with-a-software-update

A word to the wise when migrating away from #LastPass. Make sure ALL your passwords are included when you export your data.

I just migrated my mum’s account and the CSV export cut itself off after the first 22 passwords!

@alrowell

People don't realize the importance of simple updates that are made to the #apps they use.

We often delay updates, because there are no real "new features" or "functionality", but often these updates are only for #security reasons and zero-day exploits!

#Security #Infosec #Lastpass #Lastpassbreach

Single Employee Caused Recent LastPass Data Breach. 🔑🔓 #Lastpass #DataBreach #Android #iOS
It starts with One Person not Doing Software Updates on his Home PC. https://www.androidinfotech.com/cause-lastpass-data-breach/?utm_source=dlvr.it&utm_medium=mastodon

Er komen steeds meer details naar buiten over de tweede cyberaanval op #LastPass. Wat kunnen we leren van dit incident en de maatregelen die LastPass nu pas neemt?
https://www.agconnect.nl/artikel/lessen-van-lastpass-tweede-hack-1-jaar-tijd-door-dezelfde-dader

So, to summarise https://blog.lastpass.com/2023/03/security-incident-update-recommended-actions/, what was stolen was limited to really only low-impact stuff. You know, just...encrypted vaults for all customers, customers' billing information, source code, internal documentation, devops secrets, digital certificates, API secrets for external services, MFA seeds, and the partridge in the fucking pear tree.

Y'know, #LastPass, you could have just said "omg they stole everything". Would have taken a lot less words.

Er komen steeds meer details naar buiten over de tweede cyberaanval op #LastPass vorig jaar. Deze lessen kunnen we daarvan leren.
https://www.agconnect.nl/artikel/lessen-van-lastpass-tweede-hack-1-jaar-tijd-door-dezelfde-dader

https://therecord.media/plex-unaware-of-vulnerabilities-lastpass-hacked/
#Lastpass

With the latest #Lastpass news, I just thought I would post this here.

If you need to switch #passwordmanagers, why not use one that respects your #privacy as well?

Check out this link by @privacytools

https://www.privacytools.io/secure-password-manager

#privacytools #hack #hacking #infosec #security #opensource #foss

#lastpass have released more info about their Decemeber breach, and recommended actions.
https://blog.lastpass.com/2023/03/security-incident-update-recommended-actions/

Honestly, my recommended action is to move to #1Password - while it isn't free (£36 a year), it's more user friendly and more secure (it's audited externally, which you can read here https://support.1password.com/security-assessments/)

#Security #Technology #InfoSec #Tech #News

Nå da da!
Det kunne åbenbart godt blive værre!
#Lastpass https://gizmodo.com/lastpass-data-breach-cybercriminal-cybersecurity-hacker-1850169784