LastPass Users Report Mysterious Blocked Logins That Use Master Login Passwords
Users of QNAP NAS devices report eCh0raix ransomware attacks, Garrett walk-through metal detectors vulnerable to flaws, Supply chain company D.W. Morgan leaked data on shipments, customers, more
At least thirteen password storage company LastPass users report receiving notices of mysteriously blocked logins that use their accounts’ master login passwords despite storing those master logins in local encrypted KeePassX files. The blocked login reports are coming from various places worldwide.
Possible explanations for the activity include hackers using clipboard scrapers to obtain the master password when users cut and paste the password into LastPass, errant messages due to VPN usage, hackers gaining access to users’ unprotected files that store the password, credential stuffing attacks that use stolen passwords, or some problem stemming from a 2017 LastPass breach. (News.ycombinator.com)
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.