I think Steve's point is that if you have all of your stuff stored in one place, if somebody gets access to that place, they have all your stuff. Whether that place is Lastpass, a TXT file or a forehead isn't particularly important.
On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett <af...@ics-il.net> wrote: > Right, I read that. That doesn't mean anything. It could have just as well > said that they were previously stored in a TXT file on the desktop or > written backwards on the SysAdmin's forehead. > > > > ----- > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ------------------------------ > *From: *"Steve Jones" <thatoneguyst...@gmail.com> > *To: *"AnimalFarm Microwave Users Group" <af@af.afmug.com> > *Sent: *Tuesday, March 30, 2021 2:18:41 PM > *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? > > from the sounds of it thats how they gained the access > > Adam says the attacker(s) had access to privileged credentials that were > previously stored in the LastPass <https://en.wikipedia.org/wiki/LastPass> > account > of a Ubiquiti IT employee, and gained root administrator access to all > Ubiquiti AWS accounts, including all S3 data buckets, all application logs, > all databases, all user database credentials, and secrets required to forge > single sign-on (SSO) cookies. > > On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett <af...@ics-il.net> wrote: > >> I don't know that LastPass really had anything to do with it, other than >> that's where someone stored a password. >> >> >> >> ----- >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> ------------------------------ >> *From: *"Steve Jones" <thatoneguyst...@gmail.com> >> *To: *"AnimalFarm Microwave Users Group" <af@af.afmug.com> >> *Sent: *Tuesday, March 30, 2021 2:06:13 PM >> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >> >> hahaha, lastpass. I like to keep all eggs in a single basket, that way >> when i have both hands in the cookie jar, all a guy need to do is walk off >> with the basket and make an omelette >> >> On Tue, Mar 30, 2021 at 1:59 PM Cameron Crum <cc...@murcevilo.com> wrote: >> >>> We are shocked. SHOCKED I say! >>> >>> On Tue, Mar 30, 2021 at 1:18 PM Robert Andrews <i...@avantwireless.com> >>> wrote: >>> >>>> I guess I should have not just put in a link without commenting... >>>> >>>> So: >>>> >>>> Why am I surprised? >>>> >>>> On 03/30/2021 11:15 AM, Robert Andrews wrote: >>>> > >>>> https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ >>>> > >>>> > >>>> >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com >
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
