Action1 Corporation, a provider of cloud-native patch management, remote access and remote monitoring and management (RMM) platform designed for work-from-anywhere organizations, announced it arms IT teams with a free tool to help them identify their organization’s exposure to compromise after the LastPass breach and proactively mitigate the risk.
The company empowers IT teams with automated scripting capabilities to identify all LastPass installations installed as browser extensions and eliminate threat actors’ chances to leverage weak or reused master passwords to break into an organization’s critical systems by working directly with vulnerable users.
Action1 offering includes:
- Automated scripting capabilities, free for the first 100 endpoints.
- Free script to identify all LastPass installations installed as Chrome extensions, suitable for use through any endpoint management system.
“People most often use LastPass as a browser extension; however, most RMM tools by default can identify LastPass only as an installed application, which gives IT teams a false sense of a low LastPass adoption within their users,” said Mike Walters, VP of Vulnerability and Threat Research at Action1. “Bearing in mind the susceptibility of most people to poor password practices, IT teams should explore their organization’s exposure to risk more thoroughly by identifying all installed LastPass browser extensions and working with vulnerable users to enforce multi-factor authentication (MFA) on their accounts and resetting their master passwords if needed.”
To learn more, visit: https://www.action1.com/find-lastpass-google-chrome-extensions/
