![]() Inherently Flawed and Targetedīoth social media websites and password management applications are treasure troves of sensitive data, ripe for the taking-as such, they make for exceptional cyber attack targets. This was painfully evident for the world's most popular business social network: LinkedIn's 167 million lost/stolen account credentials include powerful business leaders, executives, corporate strategists, and more. Alternatively, LastPass has provided an update link for manually applying the fix. ![]() The issue has since been resolved: Firefox users on LastPass 4.0. have automatically been pushed an update with the fix in version 4.1.21a. Fortunately, users must visit a specially-designed website with Firefox and the LastPass browser extension installed first in order to be exploited. Ormandy revealed that a message-hijacking bug impacting LastPass' Firefox addon could allow remote attackers to take over users' LastPass accounts and gain access to their entire password database. The latest LastPass vulnerability was reported on July 26th, 2016 by Google Security Team researcher Tavis Ormandy, perhaps most famously known for his discovery of vulnerabilities in Sophos, Symantec, and FireEye products. ![]() And-as the latest LastPass vulnerability serves to illustrate-password management solutions may no longer be a safe alternative for memorizing passwords. To be fair, these breaches occurred indirectly as a result of triggering events-for example, a massive Linkedin data breach led to Zuckerberg's Twitter account getting hijacked, but one thing is for certain: the executive leadership of the world's leading tech companies are as prone to password management mishaps as the rest of us. Facebook's Mark Zuckerberg, Google's Sundar Pichai, Twitter's Jack Dorsey, what do these three high-flying CEOs have in common? Their social media accounts were all hijacked recently due to bad password habits.
0 Comments
Leave a Reply. |