Jump to content

LastPass Vulnerability May Allow Malicious Code Execution


DrGravitas
 Share

Recommended Posts

Ars Technica reports a serious architectural flaw has been discovered in the browser extension password manager LastPass. It may allow malicious websites to steal passwords or even execute malicious code. As the vulnerability was discovered by Google's Project Zero, little has been released about the exploit but the team has been given 3 months before details are released.

Personally, I prefer application-based management tools that exist without directly tying to the browser.

Link to comment
Share on other sites

if you're a fucking nerd waraboo like me and have NATO phonetic memorized you can just take easy to remember things and convert them to NATO phonetic :V

DeltaRomeoGolfRomeoAlphaVictorIndiaTangoAlphaSierra

GolfEchoOscarRomeoGolfEcho99Golf

  • Like 1
Link to comment
Share on other sites

1 hour ago, Victor-933 said:

if you're a fucking nerd waraboo like me and have NATO phonetic memorized you can just take easy to remember things and convert them to NATO phonetic :V

FoxtrotUniformCharlieKiloYankeeOscarUniformRomeoCharlieUniformNovemberTangoYankeeOscarUniformSierraHotelIndiaTangoEchoAlphaTangoIndiaNovemberGolfCharlieOscarCharlieKiloSierraUniformCharlieKiloEchoRomeoMikeAlphaNovemberEchoAlphaTangoAlphaDeltaOscarNovemberGolfFoxtrotUniformCharlieKiloIndiaNovemberGolfMikeAlphaSierraSierraEchoNovemberDeltaIndiaNovemberGolfSierraHotelIndiaTangoFoxtrotUniformCharlieKiloEchoAlphaTangoPapaEchoNovemberIndiaSierraEchoSierraIndiaNovemberYankeeOscarUniformRomeoFoxtrotUniformCharlieKiloFoxtrotAlphaCharlieEchoAlphaNovemberDeltaSierraHotelIndiaTangoOscarUniformTangoAlphaBravoOscarRomeoTangoIndiaOscarNovemberSierraOscarFoxtrotFoxtrotUniformCharlieKiloAlphaNovemberDeltaDeltaOscarSierraHotelIndiaTangoIndiaNovemberYankeeOscarUniformRomeoAlphaSierraSierraYankeeOscarUniformCharlieOscarCharlieKiloFoxtrotUniformCharlieKiloSierraHotelIndiaTangoMikeOscarNovemberKiloEchoYankeeFoxtrotUniformCharlieKiloAlphaSierraSierraWhiskeyAlphaNovemberKiloEchoRomeoFoxtrotRomeoOscarMikeTangoHotelEchoDeltaEchoPapaTangoHotelSierraOscarFoxtrotSierraHotelIndiaTango

 

Best password. :v

  • Like 2
Link to comment
Share on other sites

4 hours ago, george99g said:

Obviously, the best way to store your passwords is to write them on a sticky note and stick it to your monitor.

Neither Chinese hackers nor exploits can get those off of your sticky notes.

That was literally my first response that I went to type.

  • Like 4
Link to comment
Share on other sites

20 hours ago, Victor-933 said:

if you're a fucking nerd waraboo like me and have NATO phonetic memorized you can just take easy to remember things and convert them to NATO phonetic :V

DeltaRomeoGolfRomeoAlphaVictorIndiaTangoAlphaSierra

GolfEchoOscarRomeoGolfEcho99Golf

Do you play CMANO by any chance?

Link to comment
Share on other sites

On 3/29/2017 at 11:56 AM, george99g said:

Obviously, the best way to store your passwords is to write them on a sticky note and stick it to your monitor.

Neither Chinese hackers nor exploits can get those off of your sticky notes.

 

:v

good thing you said Chinese...nothing stopping russians...

  • Like 1
Link to comment
Share on other sites

  • 2 months later...
On 2017-03-29 at 9:56 AM, fennecbyte said:

Obviously, the best way to store your passwords is to write them on a sticky note and stick it to your monitor.

Neither Chinese hackers nor exploits can get those off of your sticky notes.

 

:v

As a Chinese hacker, can confirm.

We tried flying a camera drone up to a window to take pictures of the sticky notes and we quickly found out we were duped by a knockoff camera that had shit resolution but a great price. We couldn't make out shit about those passwords, Hyun So figures there's a Q and T in there, but I don't know, they look more like an elephant and an R to me... Anyways, we sourced out a decent camera for round two, got the drone up in the air and wouldn't you know it, the cheap plastic we made the rotor blades out of flew apart which sent our drone crashing 60ft to the ground. We blew our budget on that good camera, and now everything is broken...

We figured we'd just send an agent claiming to be a "Home Quality Inspector" to physically enter your home later on and get those passwords in person, or wait, fuck, the backspace key on my cheap knockoff keyboard just broke. Disregard that.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...