Security

Flare On 2023

Flare-On is a premier Windows-based reverse engineering CTF that has been running for 10 years now. I've attempted the challenge every year and I've not been able to go past the first challenge (which is usually a warm-up that takes about 15-20 min to solve). However, that changed this year, when I solved two (yes TWO! 😁) challenges. By the time I reached the third challenge, I had read enough about it from people who had solved it to know that it was way above my skill level at this point in time. So, I'm officially throwing in the towel for this year. Hopefully, I will be able to get beyond the second challenge next year.

Thoughts on the LastPass Breach

So, LastPass posted a blog post last night with further details on the breach that occurred in Aug 2022. It's a lot worse than what was thought. To summarise:

- "Some source code and technical information" was stolen from a development environment. We should assume at this point that the threat actor has access to the entire code base.
- The above information was used to social engineer a developer to obtain credentials and keys to access their cloud-based backup storage (presumably an S3 bucket?).
- The threat actor was able to use this information to obtain basic customer information and unencrypted metadata. This includes names, billing addresses, mobile numbers and the IP addresses that were used to access the LastPass service.
- The entire customer data was copied as well - this included unencrypted data like website names and encrypted data (thankfully) like user names and passwords.

The blog later on goes on to talk about the encryption used etc., which is probably of no consequence to the end user - rather it gives you a false sense of security that everything might not be as bad as it seems. But I disagree. Let's recap the information the attacker has for all customers of LastPass