LastPass Problems
Scott writes:
"It seems that LastPass is claiming a possible breach and has taken extraordinary measures that may be causing a bigger issue.
http://blog.lastpass.com/2011/05/lastpass-security-notification.html
Users are reporting the inability to get access to their data, and when I finally completed the REQUIRED migration process, my data appears corrupted and unusable. A second has already reported the same coruption. So this is not an isolated case.
http://forums.lastpass.com/viewtopic.php?f=12&t=24329&start=50
There is no followup from support yet, so who knows, but I strongly suspect my data is irrevocobaly lost, as that was a one time data reencrytion process (with no option to perform a backup!)
Recommendation for other LastPass users - wait until support comes back with an update."
John sent us a link to a Brian Krebs article on the topic
http://krebsonsecurity.com/2011/05/lastpass-forces-users-to-pick-another-password/
Leave a diary comment and let us know what you think about password managers and how you (hopefully) manage unique usernames and passwords for every site you visit. Personally, I have an algorithm I've developed that allows me to determine a unique username and password for every online account I have, that I can figure out when arriving at the site.
Christopher Carboni - Handler On Duty
New Incident Response Methodology Cheat Sheet
CERT Societe Generale has released a nice cheat sheet for Windows incidents. You can find this cheat sheet and other information on CERT Societe Generale at: http://cert.societegenerale.com/en/publications.html
Take a look at it and let us know if you find it useful.
Christopher Carboni - Handler On Duty
Comments