Submitted by CrankyBear t3_11ehnrr in technology
goatAlmighty t1_jaee73q wrote
Read about that before... I wonder who the moron was that allowed an employee to install a totally unnecessary software on a machine of such importance...
LioydJour t1_jaeeudy wrote
It was their personal computer. Not their work workstation
> The attackers exploited a remote code execution vulnerability in a third-party media software package and planted keylogger malware on the employee’s personal computer. “The threat actor was able to capture the employee’s master password as it was entered, after the employee authenticated with MFA, and gain access to the DevOps engineer’s LastPass corporate vault,” the company said.
Problem here seems to be their personal master password being similar to their work one. Unless their personal vault also includes their work one which seems like a gigantic issue
goatAlmighty t1_jaeg6in wrote
I read that it happened at home, but that doesn't make anything better, imho. For something important like that, there should be a dedicated machine that is used for nothing else.
And if the employee really used the same password twice, given the company they work for, that would be unbelievably stupid.
LioydJour t1_jaekbgg wrote
The key logger was on the employee’s personal non work issued computer. Not their work station. What location it happened in is irrelevant here because you can work remotely and the expectation is your work device is just as secure as it would be on site. Nothing happened on their workstation.
They gained access to the employees master password when the employee was using their personal device and that gave them access to the employees corporate vault. That’s where it’s odd because why would they allow their employees to share their personal and work vaults. Don’t quite yet understand that link. They should be two separate accounts and two different vaults.
Viewing a single comment thread. View all comments