“Specifically, LastPass’s source code handles all users’ master passwords by necessity, so we really don’t want this to happen through the backdoor.”īassi said the hacks highlight growing threats to system security around the world, a common scenario for hackers stealing source code to understand how protecting massive secrets - in this case passwords - actually work.
That said, users are undoubtedly upset by the incident and professionals still have some questions about the software supply chain security of LastPass’s source code.
“Despite this breach, users’ master passwords are not at risk of being compromised. $100 bonus offer for new checking account customers. Well done.īonus Offer: Find a checking account that fits your lifestyle. Steve Bassi - co-founder and CEO of Polyswarm, a decentralized, crowdsourced threat-intelligence-security provider - told GOBankingRates that LastPass has developed a solution to quickly address the breach and impact users (and professionals). “While our investigation continues, we have achieved a state of control, implemented additional security measures, and saw no further evidence of unauthorized activity,” Tubba said. In response to the incident, LastPass said it has deployed “prevention and mitigation measures” and engaged a cybersecurity and forensics firm. Our products and services in general Running from there,” Taubba wrote in the post. “We have determined that an unauthorized party accessed portions of the LastPass development environment through a compromised developer account and took portions of the source code and certain proprietary LastPass technical information. CEO Karim Tubba elaborated in the post that the company detected unusual activity in parts of the LastPass development environment two weeks ago.
0 kommentar(er)
