GoTo revealed that threat actors stole customers’ backups and encryption key for some of them

GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. GoTo, formerly LogMeIn Inc, is a flexible-work provider of software as a service (SaaS) and cloud-based remote work tools for collaboration and IT management, The company is warning customers that threat actors breached its development environment in November 2022 and stole encrypted […]

Continue Reading

GoTo now says customers’ backups have also been stolen

GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers’ encrypted backups from a third-party cloud storage service related to its Central, Pro, join.me, Hamachi, and RemotelyAnywhere offerings. However, the attackers have also managed to grab an encryption key for a portion of the encrypted backups. What happened? In early December, LastPass and […]

Continue Reading

ConnectWise Quietly Patches Flaw That Helps Phishers

ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just weeks after the company quietly patched a vulnerability that makes it […]

Continue Reading

LastPass, GoTo announce security incident

LastPass and its affiliate GoTo (formerly LogMeIn) have announced that they suffered a security incident and, in LastPass’ case, a possible data breach. “Based on the investigation to date, we have detected unusual activity within our development environment and third-party cloud storage service,” GoTo CEO Paddy Srinivasan noted, and explained that the third-party cloud storage […]

Continue Reading