Kwirk
Full time employment: Posting here.
- Joined
- Mar 11, 2006
- Messages
- 524
The media software package has been identified as Plex. I've not found details about the remote code execution vulnerability or whether it has been fixed.
“This was accomplished by targeting the DevOps engineer’s home computer and exploiting a vulnerable third-party media software package, which enabled remote code execution capability and allowed the threat actor to implant keylogger malware,” LastPass officials wrote. “The threat actor was able to capture the employee’s master password as it was entered, after the employee authenticated with MFA, and gain access to the Dfor his devOps engineer’s LastPass corporate vault.”
That's amazing. I wonder if Plex really needed to be on his home pc. BTW the Security Now #904 transcript previously mentioned is available. https://www.grc.com/sn/sn-904.pdf