![]() ![]() We have now resolved this bug no user action is required and your LastPass browser extension will update automatically,” the company added in a blog post. “We quickly worked to develop a fix and verified the solution was comprehensive with Tavis. Once the person clicked the link, the hack required no user interaction and immediately executed an automated script which extracted your last used password. ![]() In order to exploit the bug - which possibly only existed on Google Chrome and Opera - attackers simply had to create a fraudulent link masquerading as a URL from websites someone would trust, such as Google Translate. LastPass says it rolled out an update for the browser add-on on September 13th, two weeks after the vulnerability was first reported by Ormandy. Originally discovered in August by Tavis Ormandy, a researcher from Google’s Project Zero, the security flaw allowed malicious websites to trick the browser extension into giving away credentials you entered on a previous site. ![]() The developers behind popular password manager LastPass have patched a loophole that exposed your last used password. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |