Security News

Fake LastPass lookalike made it into Apple App Store
2024-02-08 21:59

A screenshot of the fake LastPass app in the Apple App store. "Upon seeing the fake 'LassPass' app in the Apple App store, LastPass immediately began a coordinated and multi-faceted approach across our threat intelligence, legal and engineering teams to get the fraudulent app removed," Christofer Hoff, chief secure technology officer for LastPass, told The Register Thursday.

LastPass Free vs. Premium: Which Plan Is Right for You?
2024-02-08 20:02

Read on to compare LastPass Free and Premium plan features. Both the LastPass Free and Premium plans allow you to generate, save and autofill an unlimited number of passwords across websites and online applications in the LastPass Vault.

Fake LastPass password manager spotted on Apple’s App Store
2024-02-08 17:02

LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials. As LastPass is used to store very sensitive information, such as authentication secrets and credentials, the app was likely created to act as a phishing app and steal credentials.

LassPass is not LastPass: Fraudulent app on Apple App Store
2024-02-08 14:53

A fraudulent app named "LassPass Password Manager" that mimics the legitimate LastPass mobile app can currently be found on Apple's App Store, the password manager maker is warning. "The app in question is called 'LassPass Password Manager' and lists Parvati Patel as the developer. The app attempts to copy our branding and user interface, though close examination of the posted screenshots reveal misspellings and other indicators the app is fraudulent," says Mike Kosak, Senior Principal Intelligence Analyst at LastPass.

LastPass now requires 12-character master passwords for better security
2024-01-03 17:11

LastPass notified customers today that they are now required to use complex master passwords with a minimum of 12 characters to increase their accounts' security. "Historically, while a 12-character master password has been LastPass' default setting since 2018, customers still had the ability to forego the recommended default settings and choose to create a master password with fewer characters, if they wished to do so," LastPass said in a new announcement today.

Bitwarden vs LastPass 2023: Which Password Manager Is Best?
2023-12-07 21:11

In this comparison between Bitwarden and LastPass, we explore their features, security, ease of use and pricing. Find out which password manager is best for you.

LastPass breach linked to theft of $4.4 million in crypto
2023-10-30 22:46

Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents. According to a tweet by ZachXBT on X, the threat actors stole $4.4 million from 25+ victims due to a LastPass breach in 2022.

Using Hacked LastPass Keys to Steal Cryptocurrency
2023-09-18 11:02

Remember last November, when hackers broke into the network for LastPass-a password database-and stole password vaults with both encrypted and plaintext data for over 25 million users? Well, they're now using that data break into crypto wallets and drain them: $35 million and counting, all going into a single wallet.

LastPass users furious after being locked out due to MFA resets
2023-06-24 14:15

LastPass password manager users have been experiencing significant login issues starting early May after being prompted to reset their authenticator apps. Since then, numerous users have been locked out of their accounts and unable to access their LastPass vault, even after successfully resetting their MFA applications.

CISA warns of actively exploited Plex bug after LastPass breach
2023-03-11 16:28

CISA has added an almost three-year-old high-severity remote code execution vulnerability in the Plex Media Server to its catalog of security flaws exploited in attacks. Attackers with "Admin access to a Plex Media Server could abuse the Camera Upload feature to make the server execute malicious code," according to an advisory published by the Plex Security Team in May 2020 when it patched the bug with the release of Plex Media Server 1.19.3.