PLEX streaming service reported that its software is currently completely safe and does not contain well -known vulnerabilities. Speaking on the reliability of its software forced the company to force Lastpass.
Recall, on February 28, Lastpass representatives reported that in August 2022, attackers used a vulnerability in a third-party multimedia software package, to get access to a home computer of one of the company’s Devops Engineers. Under the multimedia package, apparently, it was PLEX. This is confirmed by the internal sources of Lastpass, close to the incident. In addition, PLEX was also hacked in August last year.
According to Lastpass, having penetrated the engineer’s home computer, attackers were able to access corporate backups of confidential information of customers stored in an encrypted format.
One of the foreign media asked representatives of PLEX what they think about this situation. The answer was as follows: “We do not know about any incorrect vulnerabilities. We are always open to discussion, and pay attention to any messages related to safety problems.”
PLEX also added that they always quickly eliminate any vulnerabilities after the receipt of information about them. Thus, we can conclude that even if there was a vulnerability in PLEX in August last year, now it is already irrelevant, and the company is vouching for the safety of its product.