Zero-day flaw leaves LastPass vulnerable to attack

A Google Project Zero hacker has discovered a zero-day vulnerability in the password manager LastPass that could lead to accounts being completely compromised. The security flaw can be triggered by visiting a malicious website, and it has been confirmed to be an issue by white hat security researcher Tavis Ormandy. He has filed a full report to LastPass with a view to getting the vulnerability patched. As the security hole is yet to be fixed, full details have not been publicly released. However, Ormandy has gone as far as saying that “it’s a complete remote compromise” — something which will… [Continue Reading]


Original URL: http://feeds.betanews.com/~r/bn/~3/rYioLkBjKo4/

Original article

Comments are closed.

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: