Posts

GoDaddy - A Multiyear Breach...

Can you believe we are at it again? Initially, I assumed that I would only post articles when I have the time (and that appeared to be a "once-a-month" gap), however looking at the number of breaches we are seeing, I'd say that we would be great at a monthly blog post, since it appears there is always a major story every month 🙈 So whats the deal with GoDaddy? Well... In short, threat actors ran and played long enough "inside" GoDaddy for nearly three years . At first, we assumed that it was just the same group that was responsible for an intrusion detected in March 2020, November 2021, and December 2022.  Although it sounds like different things went wrong each time, it was, in fact, the same group!! In the most recent breach, they found malware installed and parts of their code stolen. It's hard to say from the outside, but it would seem that GoDaddy attempted to remediate the breach, but clearly, they left something behind that allowed the attackers to m

LassPass Breach

Image
Looking at the LastPass breach... Trust us when we say it is way worse than they want you to believe... So why are we coming back to it again, what's new? There are a few things that are going on here and we do want to mention that it's not the users fault that this occurred. LastPass needs to be accountable for what happened and the quick summary if you've enjoyed too much on the Festive Season (heck we all did!) and don't know what's going on with LastPass….   Back in July/August of 2022, LastPass had a breach, and an attacker managed to construct a well-crafted phishing campaign and managed to gain access to a Dev environment in LastPass, and steal the LastPass source code. Among other things, at the time LastPass informed us all that no customer vaults were affected, that the attacker got access to some source code but it wasn't useful by itself, and that they had already taken measures to contain the breach and stop the access. Well…. 😐 Just