Password manager LastPass had an exploit that could be abused to reveal a user’s credentials. The company has fixed the issue in its latest update, according to a blog post Monday. The problem was first found in late August by Tavis Ormandy, a security researcher from Google’s Project Zero, a team dedicated to finding exploits that can be abused by hackers.

For a hacker to take advantage of the bug, victims would have to be using the Chrome or Opera browser with the LastPass extension and then enter their password multiple times on a fake website. After several attempts, the fake site would allow a hacker to see the user’s LastPass credentials used on a previous site. Once the exploit was discovered, Ormandy informed LastPass of the issue.

Källa: LastPass fixes a major exploit


Anmäl dig till Mackens Nyhetsbrev


Du får förhandsinformation om Macken, våra planer och du får informationen, först och direkt till din mail. Vi lovar att inte skicka din information vidare och vi lovar att inte skicka ut mer än max ett nyhetsbrev per månad. Anmäl dig här