Action1 Corporation, provider of the #1 cloud-native patch management platform designed for work-from-anywhere organizations, today announced that it arms IT teams with a free tool to help them identify their organization’s exposure to compromise after the LastPass breach and proactively mitigate the risk. The company empowers IT teams with automated scripting capabilities to identify all LastPass installations installed as browser extensions, and eliminate threat actors’ chances to leverage potentially weak or reused master passwords to break into organization’s critical systems by working directly with vulnerable users.
Action1 offering includes the following:
- Automated scripting capabilities, free for the first 100 endpoints.
- Free script to identify all LastPass installations installed as Chrome extensions, suitable for use through any endpoint management system.
People most often use LastPass as a browser extension; however, most RMM tools by default can identify LastPass only as an installed application, which gives IT teams a false sense of a low LastPass adoption within their users. Bearing in mind the susceptibility of most people to poor password practices, IT teams should explore their organization’s exposure to risk more thoroughly by identifying all installed LastPass browser extensions and working with vulnerable users to enforce multi-factor authentication (MFA) on their accounts and resetting their master passwords if needed.
Mike Walters, VP of Vulnerability and Threat Research at Action1.
To learn more, please visit: www.action1.com/find-lastpass-google-chrome-extensions/.