What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-03-28 09:49:56 | LastPass is scrambling to fix another serious vulnerability (lien direct) | For the second time in two weeks developers of the popular LastPass password manager are working to fix a serious vulnerability that could allow malicious websites to steal user passwords or infect computers with malware.Like the LastPass flaws patched last week, the new issue was discovered and reported to LastPass by Tavis Ormandy, a researcher with Google's Project Zero team. The researcher revealed the vulnerability's existence in a message on Twitter, but didn't publish any technical details about it that could allow attackers to exploit it.To read this article in full or to leave a comment, please click here | LastPass | ||
|
2017-03-22 14:21:49 | LastPass fixes serious password leak vulnerabilities (lien direct) | Developers of the popular LastPass password manager rushed to push out a fix to solve a serious vulnerability that could have allowed attackers to steal users' passwords or execute malicious code on their computers.The vulnerability was discovered by Google security researcher Tavis Ormandy and was reported to LastPass on Monday. It affected the browser extensions installed by the service's users for Google Chrome, Mozilla Firefox and Microsoft Edge.According to a description in the Google Project Zero bug tracker, the vulnerability could have given attackers access to internal commands inside the LastPass extension. Those are the commands used by the extension to copy passwords or fill in web forms using information stored in the user's secure vault.To read this article in full or to leave a comment, please click here | LastPass | ||
|
2017-03-22 07:15:00 | Stop using password manager browser extensions (lien direct) | It's been over a year since I presented on LostPass at ShmooCon, and in that time, many more bugs have been found in password managers. The most severe of which are in browser-based password managers extensions such as LastPass. Tavis Ormandy yesterday demonstrated a remote code execution on the latest LastPass version. This isn't the first extremely severe bug he's found in LastPass, either; there've been so many extremely severe bugs in LastPass it would be tedious to list them out. But LastPass isn't alone: Keeper, Dashlane and even 1Password have had severe vulnerabilities that allowed attackers to steal all of the passwords in a user's account without their knowledge.To read this article in full or to leave a comment, please click here | LastPass |
1
We have: 3 articles.
We have: 3 articles.
To see everything:
Our RSS (filtrered)
