LastPass

In LastPass for Android found seven built-in trackers

German cybersecurity expert Mike Kuketz noticed that the LastPass Android app has seven trackers that monitor users. The researcher builds his findings on the report of the non-profit organization Exodus, which is described as an initiative “led by hacktivists, the goal of which is to help people understand the problems of tracking in Android applications.” even trackers were found in the password manager, including four from Google that collect data for analytics and crash reporting, as well as AppsFlyer, MixPanel and Segment. For example, the latter collects information for marketing teams, and its developers write that the tool offers to create a “single view of the customer” by profiling users and linking together their actions on different platforms (presumably to …

In LastPass for Android found seven built-in trackers Read More »

Trackers in LastPass for Android

HIBP (Have I Been Pwned?) leak aggregator opens the source code

Founder of Have I Been Pwned? (HIBP) Troy Hunt announced that after a series of unsuccessful attempts to sell the project, about which he talked this spring, he decided to open the source code. et I remind you that HIBP, founded in 2013, is a service for verifying credentials for compromise. Collecting information about various data breaches, Troy Hunt created a unique database, the services and API of which are currently used by many sites and software (including Firefox and LastPass) to promptly notify their customers of a possible compromise. Hunt writes that over the years, he has invested a lot of effort, time, and resources into the project, but he can no longer continue to develop HIBP on his …

HIBP (Have I Been Pwned?) leak aggregator opens the source code Read More »

HIBP opens source code

Experts have discovered vulnerabilities in popular password managers

Experts from York University explained how they managed to detect vulnerabilities in popular password managers. Bugs allowed malware stealing user credentials. turned out that back in 2017, researchers analyzed five popular password managers: LastPass, Dashlane, Keeper, 1Password and RoboForm. The analysis helped identify four previously unknown vulnerabilities, including one that led to the disclosure of credentials. Therefore, the most serious of the detected problems allowed the malicious application to impersonate a legitimate program and trick the password manager into revealing the stored credentials. Experts did not risk talking about their research before, as they considered it too dangerous. “The main problem affected the Android applications 1Password and LastPass, which were recognized as vulnerable to phishing attacks, as it was very …

Experts have discovered vulnerabilities in popular password managers Read More »

Vulnerabilities in popular password managers
Scroll to Top