Proprietary Failures: Microsoft and LastPass Breaches
-
Vanuatu ransomware attack claimed by RansomHouse [iophk: Windows TCO]
On December 24, RansomHouse threat actors added the government of Vanuatu to their leak site, claiming to have locked them on October 6 and exfiltrated 3.2 TB of files. A proof pack includes files that do appear to be consistent with government files. The evidence pack did not include particularly personal or sensitive files.
-
Cyber attacks set to become ‘uninsurable’, says Zurich chief [iophk: Windows TCO]
From what this blogger has seen, lack of insurance does not reduce the likelihood of an entity becoming a victim in the k-12 education sector. How many school districts have we seen that were hit and did not have any cyberinsurance to pay any ransom demands or just refused to pay ransom? Vice Society even told this blogger that the absence of cyberinsurance is not a factor for them or deterrent, and when asked about one of their recent attacks on a k-12 district, a Hive spokesperson told this blogger that they had no idea whether the victim had cyberinsurance to pay as they hadn’t checked. So maybe that approach is not likely to be as effective as some might hope.
-
Cyber threats shoot up over 60% through Nov: S.Korea [iophk: Windows TCO]
Nearly 90 per cent of the ransomware victims were small and midsized enterprises, and only 41.8 per cent of them had systems that could defend against ransomware attacks, the data added.
-
Cracking encrypted Lastpass vaults
In this post I will go into technical details on what attackers could do with the stolen encrypted vaults, specifically how they could use tools like Hashcat to crack vault passwords and get access to sensitive log-in credentials.
To simulate the stolen data, I will use my test LastPass account to extract an encrypted vault from the Chrome Browser extension on macOS. Following this, I will use a wordlist attack to bruteforce the vault, which has a weak and guessable password.
-
[crackers] stole encrypted LastPass password vaults, and we’re just now hearing about it
If you have an account you use to store passwords and login information on LastPass, or you used to have one and hadn’t deleted it before this fall, your password vault may be in hackers’ hands. Still, the company claims you might be safe if you have a strong master password and its most recent default settings. However, if you have a weak master password or less security, the company says that “as an extra security measure, you should consider minimizing risk by changing passwords of websites you have stored.”
That might mean changing the passwords for every website you trusted LastPass to store.