Welcome Stranger to OCC!Login | Register

Google Finds New Bug in Last Pass

Category: General News
Posted: 03:57PM
Author:

Researcher Tavis Ormandy of Google's Project Zero has found his third Last Pass vulnerability this month, and described it as "a major architectural problem." A proof-of-concept exploit was created and sent to Last Pass by Ormandy, who was thanked by the company in a blog post. The exploit "makes it possible for malicious websites to steal user passcodes and in some cases execute malicious code on computers running the program," but Last Pass has declined to "disclose anything specific about the vulnerability or our fix that could reveal anything to less sophisticated but nefarious parties." While password managers are able to help increase security for users by generating different, complex passwords for all of the sites a user visits, they seem to be an increasing target for malicious users.

Source: Ars Technica



Register as a member to subscribe comments.
WhenKittensATK on April 02, 2017 19:36

I stopped using 3rd party password managers, once Chrome integrated it. Lastpass shouldn't be on any recommended list.

 

nzbGodsm.jpg


This news has comment postings disabled because it is now archived.

© 2001-2017 Overclockers Club ® Privacy Policy
Elapsed: 0.0275599957   (xlweb1)