undefined | Better HN

0 pointsdewey1y ago0 comments

What do you mean with “last pass got hacked through plex”?

0 comments

The LastPass breach was indeed linked to a vulnerability in Plex Media Server. Attackers exploited an unpatched version of Plex on a LastPass DevOps engineer’s personal computer, enabling them to install keylogger malware. This allowed them to capture the engineer’s master password after multi-factor authentication, granting access to sensitive corporate vaults.

Notably, the Plex vulnerability had been patched in May 2020—approximately 75 versions prior to the breach. The compromise occurred because the engineer hadn’t updated their Plex software. While the flaw was in Plex, the breach underscores the critical importance of timely software updates and robust security practices. https://www.wired.com/story/lastpass-engineer-breach-securit...

deweyOP1y ago

Please don't post AI replies.

tough1y ago

it's a factual thing I learned after following the comment threads and asking the AI about it, it does link to the source article.

Why is this bad?

I will, im just wondering, would only the link to the source article been better/acceptable here?

I dont' get the hate for AI replies if they're on topic and generated by a human tbh, but ill respect it since its not first time seeing this i guess

2 more replies

j / k navigate · click thread line to collapse

0 comments

tough1y ago

deweyOP1y ago

Please don't post AI replies.

tough1y ago

it's a factual thing I learned after following the comment threads and asking the AI about it, it does link to the source article.

Why is this bad?

I will, im just wondering, would only the link to the source article been better/acceptable here?

I dont' get the hate for AI replies if they're on topic and generated by a human tbh, but ill respect it since its not first time seeing this i guess

2 more replies

j / k navigate · click thread line to collapse