Skip to Main Content
October 25, 2022

LastPass Security Vulnerability: How Credentials are Accessed in Memory

Written by Scott Nusbaum and Carlos Perez
Penetration Testing Research Security Testing & Analysis

In this video, our Principal Research Analyst Scott Nusbaum goes over his research on LastPass Password Manager. He discusses how the credentials are exposed in memory to an attacker that is present on the host and is able to access the browser process. He also goes over on how LastPass could modify their extension to further protect the credentials in memory.