...but should a personal workstation even have been allowed access to LastPass' production network? BYOD has always made me nervous for precisely this reason: corporate workstations can be tightly controlled (admittedly, frustratingly so sometimes, as the end user!) while end-user devices can have all manner of unapproved, potentially buggy or even outright malicious software installed on them and then be connected to your corporate network. There was a more naive time, perhaps, when BYOD seemed like a good idea: a way to cut capital expenditure, make life easier for employees, enable road warriors and so on. With the modern threat landscape, though, I'm dubious, at best, that the benefits outweigh the potential costs. Could a breach like this have occurred even without Plex being installed? Absolutely! But could it at least have raised the bar a little if it weren't? Also yes.

One last thing to point out regarding this chain of events: the Plex vulnerability was disclosed in 2020, two years before this all unfolded. There was more than adequate time for even the most lackadaisical user to update their media server software and head this whole problem off at the pass.

Hands up who remembers the Ping of Death (circa the late 90s) or its 2013 counterpart for IPv6? Well, this time we have Remote Code Execution via ICMP, but despite the base CVSS score of 9.8 it seems this might not be as straightforward to exploit as the details suggest. According to Microsoft, this is exploitable by sending a fragmented IP packet inside another ICMP packet; however, to actually trigger the vulnerability "an application" on the target must be bound to a raw socket. What isn't clear is whether that means a specific application or just any application. If it's any application, then InfoSec teams might want to take a close look at any standard-deploy software (EDR products, for example) to see whether it listens on raw sockets. I'd suggest keeping an eye on this one for any PoCs that become available, to get a better idea of how it is exploited in the real world, and in the meantime patch as soon as you can.
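The ICMP bug discussed above (the post gives no identifier; by my reading it is the March 2023 Windows ICMP RCE, CVE-2023-23415) hinges on an ICMP error message whose quoted "inner" datagram is an IP fragment. As an added example, not code from the post, from Microsoft or from any PoC, here is a small Python parser for exactly that structure: it validates the ICMP checksum, pulls the fragmentation fields (DF, MF, fragment offset) out of the quoted IPv4 header, and flags messages whose quoted datagram is a fragment. The sample packets are constructed inline, and the "fragmented inner datagram" flag is my own triage heuristic rather than a published signature: it will also match legitimate reassembly-timeout errors (type 11, code 1), so a hit is something to look at, not proof of exploitation. It illustrates the packet format; it is not a proof of concept.

```python
"""Parse ICMP error messages and inspect the IPv4 header they quote.

Added illustration of the packet structure; the samples below are
constructed test data, not captured traffic and not an exploit.
"""
import struct

# ICMP types that carry a quoted IP header + first 8 bytes of the datagram (RFC 792)
ICMP_ERROR_TYPES = {
    3: "Destination Unreachable",
    5: "Redirect",
    11: "Time Exceeded",
    12: "Parameter Problem",
}


def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum; returns 0 for a message whose
    embedded checksum field is correct."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4_header(buf: bytes) -> dict:
    """Decode the fixed 20-byte IPv4 header, including fragmentation fields."""
    if len(buf) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, ident, flags_frag,
     ttl, proto, _hcsum, src, dst) = struct.unpack("!BBHHHBBH4s4s", buf[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(buf) < ihl:
        raise ValueError("not a complete IPv4 header")
    return {
        "ihl": ihl,
        "total_length": total_len,
        "id": ident,
        "df": bool(flags_frag & 0x4000),
        "mf": bool(flags_frag & 0x2000),
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # offset is in 8-byte units
        "ttl": ttl,
        "protocol": proto,
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "header_checksum_ok": inet_checksum(buf[:ihl]) == 0,
    }


def parse_icmp_error(icmp_msg: bytes) -> dict:
    """icmp_msg is the ICMP message only, i.e. everything after the outer IPv4 header."""
    if len(icmp_msg) < 8:
        raise ValueError("truncated ICMP header")
    icmp_type, code, _csum, _rest = struct.unpack("!BBH4s", icmp_msg[:8])
    if icmp_type not in ICMP_ERROR_TYPES:
        raise ValueError(f"ICMP type {icmp_type} is not an error message")
    inner = parse_ipv4_header(icmp_msg[8:])
    inner["l4_bytes"] = icmp_msg[8 + inner["ihl"]:]   # first bytes of the quoted datagram
    return {
        "type": icmp_type,
        "type_name": ICMP_ERROR_TYPES[icmp_type],
        "code": code,
        "checksum_ok": inet_checksum(icmp_msg) == 0,
        "inner": inner,
    }


def inner_is_fragment(parsed: dict) -> bool:
    """Triage heuristic (my assumption, not a published signature): the quoted
    datagram is a fragment if More-Fragments is set or the offset is non-zero."""
    return parsed["inner"]["mf"] or parsed["inner"]["frag_offset"] != 0


def build_icmp_error(icmp_type: int, code: int, src: str, dst: str, proto: int,
                     mf: bool, frag_offset: int, inner_payload: bytes) -> bytes:
    """Construct an ICMP error quoting a (possibly fragmented) IPv4 datagram.
    Test data for the parser above only."""
    aton = lambda a: bytes(int(o) for o in a.split("."))
    flags_frag = (0x2000 if mf else 0) | ((frag_offset // 8) & 0x1FFF)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(inner_payload), 0x1234,
                      flags_frag, 64, proto, 0, aton(src), aton(dst))
    hdr = hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]
    msg = struct.pack("!BBH4s", icmp_type, code, 0, b"\x00" * 4) + hdr + inner_payload[:8]
    return msg[:2] + struct.pack("!H", inet_checksum(msg)) + msg[4:]


# Constructed samples: a Time Exceeded (reassembly) error quoting a middle
# fragment, and a Port Unreachable error quoting an ordinary datagram.
FRAGMENT_SAMPLE = build_icmp_error(11, 1, "192.0.2.10", "192.0.2.20", 17,
                                   mf=True, frag_offset=1480, inner_payload=b"\x00" * 16)
CLEAN_SAMPLE = build_icmp_error(3, 3, "192.0.2.10", "192.0.2.20", 17,
                                mf=False, frag_offset=0, inner_payload=b"\x00" * 16)

if __name__ == "__main__":
    for name, sample in (("fragment", FRAGMENT_SAMPLE), ("clean", CLEAN_SAMPLE)):
        p = parse_icmp_error(sample)
        print(name, p["type_name"], "code", p["code"], "csum_ok", p["checksum_ok"],
              "inner", p["inner"]["src"], "->", p["inner"]["dst"],
              "mf", p["inner"]["mf"], "offset", p["inner"]["frag_offset"],
              "FLAG" if inner_is_fragment(p) else "")
```

Feed it the ICMP bytes carved from a pcap (everything after the outer IPv4 header); receiving ICMP directly from Python on Windows would itself need a raw socket and administrator rights, which is the same precondition the advisory is talking about.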