[PLUG] Krebs: Whistleblower: Ubiquiti Breach “Catastrophic”

JP Vossen via plug on 30 Mar 2021 16:35:31 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] Krebs: Whistleblower: Ubiquiti Breach “Catastrophic”

From: JP Vossen via plug <plug@lists.phillylinux.org>
To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: [PLUG] Krebs: Whistleblower: Ubiquiti Breach “Catastrophic”
Date: Tue, 30 Mar 2021 19:35:26 -0400
Reply-to: JP Vossen <jp@jpsdomain.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0

https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/

Very interesting article.  If it's all true, "Catastrophic" is too mild.

I love this part:
	"Adam says the attacker(s) had access to privileged credentials that were previously stored in the LastPass account of a Ubiquiti IT employee, and gained root administrator access to all Ubiquiti AWS accounts, including all S3 data buckets, all application logs, all databases, all user database credentials, and secrets required to forge single sign-on (SSO) cookies."

Later,
JP
--  -------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Prev by Date: Re: [PLUG] sec stuff
Next by Date: [PLUG] Yipes! Those Web Ads are KILLING Me!
Previous by thread: Re: [PLUG] sec stuff
Next by thread: [PLUG] Yipes! Those Web Ads are KILLING Me!
Index(es):
- Date
- Thread