• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Wednesday, June 18, 2025
  • Login
  • Register
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home News

New: LastPass cyberattack could have blocked with a 3-year old Plex update

by Prity Khanal
March 6, 2023
in News
Reading Time: 2 mins read
0
New: LastPass cyberattack could have blocked with a 3-year old Plex update
TwitterWhatsappLinkedin

After not one, but two significant security breaches last year, LastPass lost its great name and went from being one of the best security tools available to losing its status.

You might also like

Google Pixel 10 Series to Debut Tele-Macro Camera and Tensor G5 SoC

Adobe’s Firefly Expands to iOS and Android, Bringing Powerful AI Tools to Mobile Devices

Kids Stage Virtual Protests Against ICE on Roblox as National Unrest Grows

Last week, more information about the second incident came to light. Through an exploit in Plex, a cloud storage service for movie storage and streaming, a malicious party was able to install a keylogger on a senior engineer’s home computer and access corporate-level caches as a result. However, it appears that the engineer also contributed significantly to this tragic catastrophe.

Plex has disclosed that the abovementioned attack made use of a fault that was first publicly revealed on May 7, 2020. According to the firm, the LastPass worker never upgraded their client to deploy the fix for whatever reason, according to PCMag.

By overlapping the locations of the server data directory and a library that permitted Camera Uploads, the flaw allowed people who have access to a server administrator’s Plex account to upload a malicious program through the Camera Upload functionality and have the media server run it.

That next day, the company published Plex Media Server v1.19.3 to close the vulnerability. “For reference, the version that addressed this exploit was roughly 75 versions ago,” a LastPass spokesperson said. LastPass chose not to respond to the fresh information.

Source: LastPass

What’s obvious to us is that the series of events that resulted in this breach began at the pinnacle: LastPass allowed this senior staff member to connect restricted work areas through their personal computer, creating a vulnerability that could have permitted someone to access this employee’s Plex account, run a long-patched loophole that was successful because of the aforementioned’s negligence, and then gain complete access to those restricted work areas.

Each step in this process was initiated by a choice, which may have been acceptable at the time for one reason or another. But, given the current state of affairs, LastPass will require a larger shovel to dig itself out of this grave.

 

LastPass:

LastPass is a password manager that is available as a paid subscription as well as a free version with fewer features. LastPass’ standard edition provides a web interface in addition to extensions for numerous web browsers and apps for numerous devices.

Support for bookmarklets is also available. In October 2015, LogMeIn, Inc. (now GoTo) purchased LastPass. On December 14, 2021, LogMeIn revealed that LastPass would become a separate entity and advance the delivery of its software.

 

Tags: #Cyber_attacks#Cyber_Security#ransomwareattack#Security_issues#securitybreachLastPassUpdate
Tweet54SendShare15
Previous Post

Brazilian Authority crypto numbers indicate an uptick in market

Next Post

The Play gang disclose data stolen from the City of Oakland

Prity Khanal

Prity is a content writer whose passion lies in writing to inspire others. She specialises in the field of law. With a curious mind and love for research and proficiency in creating informative narratives, she has specialised in tech, crypto, and is up-to-date with current market changes and flexible in various other fields.

Recommended For You

Google Pixel 10 Series to Debut Tele-Macro Camera and Tensor G5 SoC

by Anochie Esther
June 18, 2025
0
Pixel 10 series

Google is set to unveil its Pixel 10 series on August 20, and early leaks have already started shedding light on some exciting new features. One of the...

Read more

Adobe’s Firefly Expands to iOS and Android, Bringing Powerful AI Tools to Mobile Devices

by Anochie Esther
June 18, 2025
0
Firefly

Adobe has officially extended its Firefly platform to mobile users with the launch of dedicated apps for iOS and Android. The move signals a significant evolution in Adobe’s...

Read more

Kids Stage Virtual Protests Against ICE on Roblox as National Unrest Grows

by Harikrishnan A
June 18, 2025
0
Kids Stage Virtual Protests Against ICE on Roblox as National Unrest Grows

As political tensions over immigration enforcement continue to boil across the United States, an unexpected group has taken a stand—kids. But rather than taking to the streets, they’re...

Read more
Next Post
The Play gang disclose data stolen from the City of Oakland

The Play gang disclose data stolen from the City of Oakland

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at [email protected]

Advertise With Us

Reach out at - [email protected]

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook flipkart funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News NFT samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2024 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2024 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?