<p>You might have seen <a href="https://www.gartner.com/en/newsroom/press-releases/2023-03-28-gartner-unveils-top-8-cybersecurity-predictions-for-2023-2024">this shocking prediction from Gartner</a>: <em>by 2027, 75% of employees will acquire, modify or create technology outside IT's visibility &ndash; up
from 41% in 2022.</em></p>
<p>Last year, LastPass launched the beginning of our evolution beyond password management to a secure access solution. Now, we've sharpened our focus to deliver
what lean teams truly need to operate securely.</p>
<p>We know that these teams only want the essentials when it comes to protecting their teams and their business. While other security tools present expensive,
cumbersome solutions built for orgs with dedicated security teams and large budgets, LastPass Secure Access Essentials is built for you.</p>
<p>It's <em>the</em> solution for resource-strapped IT organizations and businesses who don't have the budget, time, or technical resources to deploy those complex
tools.</p>
<div class="button-container"><a href="https://www.lastpass.com/solutions/secure-access"><button class="lp-button lp-button--primary">Try for free</button></a></div>
<h2>The Modern Access Challenge</h2>
<p>Your employees rely on more SaaS tools than ever, and not all of them are on your radar.<br />
From cloud apps and browser extensions to AI tools, today's workplaces move fast. And when anyone can implement a new app with little more than a credit card and
a dream, you can be sure that very few of them are thinking about secure access or credential management. Consider this:</p>
<ul>
    <li><strong>Risk is rising</strong>: <a href="https://cloudsecurityalliance.org/artifacts/state-of-saas-security-report-2025">CSA reports</a> 55% of organizations say employees adopt SaaS tools without Security's involvement, and 56% report sensitive data being
    uploaded to unauthorized apps &mdash; blind spots that lead to real security incidents.</li>
    <li><strong>Productivity is slipping</strong>: <a href="https://deepstrike.io/blog/password-statistics-2025?utm_source=chatgpt.com">Up to 50%</a> of IT help desk tickets are for password resets, and employees spend roughly 11 hours per year dealing with access
    issues instead of doing their jobs.</li>
    <li><strong>Costs are compounding</strong>: The average company now uses <a href="https://deepstrike.io/blog/password-statistics-2025">~106 SaaS applications</a>, each adding overhead &mdash; and every password reset can cost around $70 in support
    time.</li>
</ul>
<p>Single sign-on (SSO) can help with your core apps &mdash; the ones that you know about &mdash; but it doesn't cover everything, especially those smaller, hidden apps. And
for small and mid-sized businesses, controlling those can get expensive and time-consuming, fast.</p>
<p>That's where the security gaps start. Without a simple, customizable way to manage access, secure credentials, and monitor app usage, it's easy to lose
control. And that opens the door to risk from old accounts that still have access to sensitive info, to apps no one remembers signing up for.</p>
<p>It's no longer enough to secure passwords alone. Businesses need an approach to secure access management that's as flexible, efficient, and user-friendly as
the tools their employees actually use.</p>
<h2>What is Secure Access Essentials?</h2>
<p>Secure Access Essentials is the LastPass answer to the growing access management crisis, delivering core capabilities that work together to secure your
organization. These capabilities scale across the LastPass product, so you can start where you are and expand as your security needs grow.</p>
<p>With Secure Access Essentials, you can:</p>
<ul>
    <li><strong>Discover SaaS and AI tools</strong>: Gain visibility into which apps and AI tools your team is using, including unseen or unapproved apps. Spot risks early and
    maintain control across your SaaS landscape.</li>
    <li><strong>Control Access for Everyone</strong>: Ensure the right people have access to the right apps, systems, and data based on your policies. Easy to configure and adjust
    as your business evolves.</li>
    <li><strong>Simplify Secure Access</strong>: Securely manage how your team stores and uses passwords, with support for passkeys for faster and safer authentication.</li>
</ul>
<h2>Why does Secure Access Essentials matter?</h2>
<p>Enterprise solutions require dedicated IT teams, months of deployment, and ongoing maintenance that lean teams simply can't sustain. The cost and complexity
put security out of reach when you need it most.</p>
<p>And the stakes are high. <a href="https://deepstrike.io/blog/data-breach-statistics-2025">The average cost of a data breach</a> is $4.4 million, which can devastate small businesses. Unapproved tools lead to wasted spend and
duplicate or unused applications, while compliance violations can result in fines that put a serious dent in already constrained budgets.</p>
<p>LastPass brings together the essentials that cut complexity, strengthen protection, and make secure access effortless. Our capabilities are:</p>
<ul>
    <li><strong>Easy to manage, easier on your budget</strong>: Manage all access from a single place and skip the cost and chaos of multiple systems.</li>
    <li><strong>Designed for stronger protection with fewer roadblocks</strong>: Get strong, straightforward security that keeps your business safe and makes compliance
    easier.</li>
    <li><strong>Simple for your team + build stronger habits</strong>: When security fits naturally into the day, people actually follow it &mdash; reducing risk and boosting
    productivity.</li>
</ul>
<h2>Building on a Strong Foundation</h2>
<p>Password management is the foundation of LastPass, and it remains essential to secure access. But as security challenges mount, those challenges demand more.
That's why we've evolved beyond credentials to deliver the visibility and control modern businesses need.</p>
<p>Now organizations can also use LastPass to uncover risky SaaS and AI tools and enforce safe‑usage policies with SaaS Monitoring and SaaS Protect. And this is
just the beginning.</p>
<p>As secure access challenges expand, so will we, delivering the essentials you need to protect your business at every stage of your journey. Thanks for coming
along with us so far, and we're excited to build the future together.</p>
<p><a href="https://www.lastpass.com/solutions/secure-access"><button class="lp-button lp-button--primary">Try for free</button></a></p>

Beyond Password Management: Secure Access Essentials from LastPass

LastPass Secure Access Essentials gives resource-strapped IT teams the tools to discover SaaS apps, control access, and simplify security without the complexity.

Introducing Secure Access Essentials: Beyond Passwords to the New Reality of Work

Get LastPass Free

Create and store secure passwords for yourself, your team or business.

Why LastPass?

Remember fewer passwords and log in faster with our browser extension.

How LastPass works

LastPass zero-knowledge security model keeps your data private even from us.

Security Architecture

Compare LastPass competitors, plans, and features in one place

Compare LastPass

Overview

Password management

Save and autofill

Password generator

Password sharing

Passkeys

Dark web monitoring

Security dashboard

Key Features

Free LastPass Premium trial, no credit card required.

Free LastPass Business trial, no credit card required.

Let our experts help you find the right plan and successfully deploy LastPass.

Sync passwords across all devices, monitor password health, data breaches and much more.

Personal

Premium password management for family or group of 6 people.

Families

Personal Plans

Password vault

Save & autofill

Mobile Smart Scanner

Automatic device sync

Emergency access

Personal password sharing

FOR INDIVIDUALS

30-day free LastPass Premium trial, no credit card required.

30-day free LastPass Families trial, no credit card required.

Limited to 1 device type and basic password management features.

Designed for businesses of all sizes, from small startups to enterprises.

Business

Simplify secure access straight from the browser with more admin control.

Business Max

For single teams just getting started with password management.

Teams

Designed to keep your clients' credentials protected and private.

Business Plans

User management

SaaS Monitoring

SaaS Protect

Secure Access Essentials

Business sharing

Multifactor Authentication

Integrations

Single Sign-on

Identity management

For admins

Marketing teams

Legal teams

HR teams

Business leaders

IT admins

Solutions by role

Case studies

Webinars

Product demos

Events

Trust Center

Compliance Center

Security architecture

LastPass University

Resource Center

Pricing

Join the LastPass Partner Program to provide even more value to your customers.

Partner program overview

Managed Service Providers

Resellers

Cloud marketplaces

Technology Alliance Partners

LastPass Partner Program

Grow new revenue streams by meeting customer's security needs.

Looking for help or interested in becoming a LastPass partner? Get in touch with our partner team.

Connect with trusted LastPass Partners to support your security needs.

Partners

Self-service library of resources and guides for all LastPass products.

Support Center

Community forum

System status

Help

Personal support for all LastPass’ subscribed customers.

Support

Get LastPass free

Submit sales inquiry

Chat with sales

Request a demo

Find a partner

Contact sales

Log in

Identity-first security in the Mythos era

<ul class="ul1" style="color: #000000;">
    <li class="li1" style="margin: 0px;"><strong>If your identity tool only sees apps behind your SSO,&nbsp;it's&nbsp;missing your fastest-growing attack surface.&nbsp;</strong>The free&nbsp;SaaS and AI&nbsp;tools&nbsp;your employees&nbsp;are&nbsp;signing&nbsp;up&nbsp;for with&nbsp;corporate or&nbsp;personal emails&nbsp;are invisible&nbsp;to SSO&nbsp;and increasingly where breaches start.&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>For lean IT teams, deployment complexity is a security risk in itself.</strong>&nbsp;An identity security tool that requires dedicated engineers to&nbsp;deploy&nbsp;and&nbsp;maintain&nbsp;means&nbsp;SaaS visibility never gets turned on.&nbsp;&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>Your organization has days to close the gaps an AI exploit might reach.</strong>&nbsp;The right tool is the one your team&nbsp;can&nbsp;easily&nbsp;deploy&nbsp;and run&nbsp;this week, not next quarter.&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>Shadow&nbsp;SaaS&nbsp;and&nbsp;AI visibility&nbsp;is&nbsp;now a critical part&nbsp;of identity security.</strong>&nbsp;The&nbsp;April 2026&nbsp;Vercel&nbsp;breach&nbsp;traced back&nbsp;to&nbsp;a third-party AI tool that IT&nbsp;didn't&nbsp;know existed.&nbsp;Shadow SaaS and AI are being actively exploited&nbsp;right&nbsp;now.&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>Identity security&nbsp;without&nbsp;SaaS visibility&nbsp;leaves half the attack chain open.&nbsp;</strong>Both controls are needed to limit blast radius after an exploit succeeds.&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>Speed matters when the attack surface is growing daily</strong>.&nbsp;LastPass SaaS Monitoring delivers immediate SaaS visibility, and SaaS Protect turns it into enforceable controls.&nbsp;</li>
</ul>

Key takeaways: Identity security in the Mythos era

FAQS: Mythos and enterprise credential security

The Mythos leak shrank the patch window to hours. See how identity-first security limits blast radius for IT teams of 50–500.

Mike Kosak

Senior Principal Intelligence Analyst

When AI Finds Every Vulnerability: Why Identity-First Security Matters in the Mythos Era (2026)

Browser‑Based Credential Attacks in 2026: What Identity Security Misses

<ul class="ul1" style="color: #000000;">
    <li class="li1" style="margin: 0px;">In 2026, the&nbsp;corporate browser is&nbsp;the new battlefield, and the prime target is workforce identities.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Over 90% of incidents originate from credential reuse or incomplete identity controls.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Basic&nbsp;MFA&nbsp;is no&nbsp;longer enough. Modern phishing techniques such as&nbsp;BitB&nbsp;(browser-in-the-browser),&nbsp;AiTM&nbsp;(adversary-in-the-middle),&nbsp;and&nbsp;ClickFix&nbsp;capture credentials&nbsp;and&nbsp;tokens&nbsp;inside browser sessions.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Small&nbsp;and&nbsp;midmarket&nbsp;firms&nbsp;are at&nbsp;the highest&nbsp;risk&nbsp;because they often lack dedicated security&nbsp;expertise.&nbsp;So, just one&nbsp;compromised credential can lead to&nbsp;severe&nbsp;operational, financial, and reputational impact.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Effective identity security now requires control at the credential layer. </li>
    <li class="li1" style="margin: 0px;">LastPass provides&nbsp;identity security&nbsp;aligned to this&nbsp;browser-first&nbsp;reality.&nbsp;&nbsp;</li>
</ul>

Key takeaways: browser based credential attacks

FAQs: Browser based credential attacks

Browser-based attacks like ClickFix and BitB now dominate initial access. See why MFA fails and what modern identity security must do in 2026.

Browser Based Credential Attacks: How Modern Identity Security Stops the Newest Variants (2026)

AI-Powered Infostealers: How Credential Theft Works in 2026

<ul class="ul1" style="color: #000000;">
    <li class="li1" style="margin: 0px;"><strong>Credential theft is&nbsp;an immediate&nbsp;business risk.</strong>&nbsp;AI‑powered&nbsp;infostealers can move from&nbsp;initial&nbsp;compromise to full credential exfiltration in as little as 72 minutes.&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>These attacks bypass perimeter defenses by abusing trusted identities.</strong>&nbsp;Stolen credentials blend into normal activity, making breaches difficult to detect until damage is already done.&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>The credential risk surface has expanded&nbsp;to SaaS.</strong>&nbsp;In the browser, attackers now target SaaS and AI credentials used in everyday workflows.&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>One&nbsp;compromised account can&nbsp;lead to organization-wide exposure.</strong>&nbsp;Modern attackers routinely target endpoints and SaaS,&nbsp;leveraging&nbsp;one compromised credential to compromise an entire system.&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>Endpoint security alone is&nbsp;not&nbsp;sufficient.</strong>&nbsp;Once credentials are stolen, prevention must happen at the identity and access layer, not after attackers authenticate as legitimate users.&nbsp;</li>
    <li class="li1" style="margin: 0px;"><strong>LastPass reduces exposure where these attacks succeed.</strong>&nbsp;By centralizing credentials, enforcing FIDO2 MFA,&nbsp;monitoring for&nbsp;compromised credentials, and&nbsp;identifying&nbsp;Shadow SaaS&nbsp;and AI usage,&nbsp;LastPass&nbsp;limits blast radius and reduces breach impact.&nbsp;</li>
</ul>

Key takeaways: AI-powered infostealers

FAQs: AI powered infostealers

AI-powered infostealers compress credential theft to 72 minutes. Learn how they work, why they're harder to detect, and how LastPass protects your business from this emerging threat.

How AI-powered Infostealers are Rewriting the Playbook on Credential Theft (2026)

Best 1Password Alternatives for Small to Midsize Businesses

Compare the top 5 1Password alternatives for small to midsize businesses. Find the best secure access tool with credential management, SaaS visibility, and admin controls. Start your free trial today.

The 5 Best 1Password Alternatives for Small to Midsize Businesses: 2026 Comparison Guide

AI Access Security for SOC 2: 2026 Audit Checklist & Controls Guide

<ul class="ul1" style="color: #000000;">
    <li class="li1" style="margin: 0px;">AI-enabled tools are increasingly&nbsp;built into browsers.&nbsp;Auditors want&nbsp;to&nbsp;see&nbsp;how access&nbsp;initiated through&nbsp;them is&nbsp;authorized, reviewed, and documented.</li>
    <li class="li1" style="margin: 0px;">SOC 2 findings related to AI-enabled tools&nbsp;frequently stem from visibility gaps,&nbsp;as&nbsp;AI&nbsp;access often&nbsp;falls&nbsp;outside the scope of legacy IAM&nbsp;coverage.</li>
    <li class="li1" style="margin: 0px;">Shadow&nbsp;AI&nbsp;can&nbsp;expand&nbsp;audit scope when it introduces access to in-scope systems.</li>
    <li class="li1" style="margin: 0px;">AI-enabled tools often have&nbsp;long-lived permissions that auditors&nbsp;may&nbsp;flag as operational&nbsp;risks.</li>
    <li class="li1" style="margin: 0px;">Logging AI activity is insufficient without attribution and tamper-resistant&nbsp;evidence, especially for SOC 2 Type 2 audits.</li>
    <li class="li1" style="margin: 0px;">To help secure AI access,&nbsp;leverage&nbsp;a solution like LastPass, which closes the Shadow AI visibility gap auditors evaluate&nbsp;under CC6.1 and CC9.1.</li>
</ul>

Key takeaways: Ensuring AI access security for your next SOC 2 audit

FAQs: SOC 2 and AI access security

Learn how to ensure AI access security for SOC 2 compliance. Discover Shadow AI risks, implement audit-ready controls, and prepare for your next SOC 2 Type 2 audit with LastPass.

How to Ensure AI Access Security for Your Next SOC 2 Audit

<p>Here's a number worth sitting with: by 2027, <a href="https://www.gartner.com/en/newsroom/press-releases/2023-03-28-gartner-unveils-top-8-cybersecurity-predictions-for-2023-2024">Gartner predicts</a> 75% of employees will acquire, modify, or create technology outside IT's visibility. For distributed teams, that number is probably already a reality. When your workforce is spread across locations, working from different environments, and leaning on a growing stack of virtual tools to stay connected, access management is beyond complicated.</p>
<h2><em>A Q&amp;A with Phillip Walters, Principal, Urban3</em></h2>
<p><a href="https://www.urbanthree.com/">Urban3</a> is a nationally distributed analysis firm that helps clients across the country make sense of complex data. Their team operates virtually, coordinating across locations with a lean structure that demands flexibility, trust, and reliable access to shared resources. We spoke with Phillip Walters, Principal at Urban3, about the access challenges that came with building a remote-first culture, and how LastPass helped them build a more secure foundation without adding overhead their team couldn't sustain.</p>
<div class="button-container"><a rel="noopener noreferrer" href="https://www.lastpass.com/trial/business?max=true" target="_blank"><button class="lp-button lp-button--primary">Try LastPass for free</button></a></div>
<h3>Q: Can you tell us about Urban3 and how your team operates?</h3>
<p><em>A: We're a geographically distributed team that provides analysis for clients all over the nation, which means we spend a lot of time in virtual meetings and rely heavily on shared digital tools. Coordination is everything for us. When your team is spread across different locations, the systems you use to stay connected and keep things running smoothly are critical.</em></p>
<h3>Q: What challenges were you running into before finding a solution?</h3>
<p><em>A: Manual sharing of credentials is slow and cumbersome. When you have multiple principals and logistical staff who need access to the same accounts, the old-fashioned approach just doesn't scale. We wanted ease of sharing and resiliency &mdash; a system that wouldn't break down if someone was unavailable, whether it was a sick day or something more serious.</em></p>
<h3>Q: What made solving this a priority when it did?</h3>
<p><em>A: Our first fully remote employee was the turning point. After that, the COVID era accelerated everything. Suddenly the need was impossible to ignore. When your entire team is working from different places, you need infrastructure that makes that possible without creating security gaps.</em></p>
<h3>Q: What made LastPass the right fit for Urban3?</h3>
<p><em>A: Honestly, it started with word of mouth &mdash; one team member had a positive personal experience, and that moved LastPass to the front of the line. What sealed it was the concept of a secure, controllable digital nerve center. We needed something that could give us functionality and confidence in our newly distributed reality. LastPass delivered that.</em></p>
<h3>Q: What has the impact been since adopting LastPass?</h3>
<p><em>A: The password vault has become our go-to tool. The most immediate impact? Meetings actually start on time. One of our logisticians can pull credentials from LastPass in minutes, which means a meeting starts three minutes late instead of being rescheduled altogether. It sounds small, but for a team of high-value thinkers, that kind of efficiency adds up. It's comparative advantage in action &mdash; our principals stay focused on high-level work while our logistical staff have everything they need to keep things running.</em></p>
<h2>A secure foundation to solve access challenges</h2>
<p>The challenges Phillip describes are ones that distributed teams everywhere will recognize. When your workforce is remote and your tools are virtual, access management becomes the connective tissue that holds everything together &mdash; and when it's handled informally &mdash; the exposure is real. Unapproved AI tools and SaaS apps, shared credentials over email, accounts tied to individuals who may not be available: these aren't edge cases. They're the norm for lean, fast-moving organizations.</p>
<p>Password management is where the Urban3 story starts &mdash; and it remains a critical foundation of secure access for any organization. But as teams grow, tools multiply, and remote work becomes permanent, the need for visibility and control across the entire access landscape grows with it. LastPass is built to meet teams where they are today and scale with them as those challenges expand.</p>
<p>Ready to give your distributed team the same foundation? Discover how LastPass Secure Access Essentials helps lean teams secure access, manage credentials, and stay productive &mdash; without the overhead.&nbsp;</p>
<div class="button-container"><a rel="noopener noreferrer" href="https://www.lastpass.com/solutions/secure-access" target="_blank"><button class="lp-button lp-button--primary">Learn more about Secure Access Essentials</button></a></div>

How Urban3's distributed team secures remote access with LastPass

Read Urban3's case study on providing secure access with LastPass, and see the impact on team efficiency.

Customer Q&A: How a Distributed Analysis Firm Secured Access for a Remote-First Team

Shadow AI & SaaS Security Risks: Close the Gaps in 2026

<ul class="ul1" style="color: #000000;">
    <li class="li1" style="margin: 0px;">Shadow AI widens security gaps by creating unmanaged access paths, with credentials, integrations, and agent connections that persist without clear ownership or centralized control.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Shadow AI increases risk faster than traditional Shadow IT because it embeds access directly into everyday workflows, where credentials are created and reused outside IT visibility.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Most Shadow AI risk&nbsp;doesn&rsquo;t&nbsp;come from new exploits but from identity misuse: weak authentication, missing MFA, reused credentials, and overlooked access points.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Policies and periodic audits&nbsp;can&rsquo;t&nbsp;keep up with Shadow AI; effective SaaS risk management in 2026 requires continuous discovery paired with&nbsp;real‑time&nbsp;access visibility. </li>
    <li class="li1" style="margin: 0px;">LastPass&nbsp;Business Max&nbsp;surfaces Shadow AI and SaaS usage at the point of login, helping lean IT teams&nbsp;identify&nbsp;and reduce unmanaged access before it becomes an incident.&nbsp;</li>
</ul>

Key takeaways: Shadow IT revealed your gaps. Shadow AI widens them unless you do this in 2026 

FAQs: Shadow IT revealed your gaps. Shadow AI widens them unless you do this in 2026 

Shadow AI widens the gaps Shadow IT left behind. Learn how continuous SaaS discovery and access control help lean IT teams manage Shadow AI risk in 2026.     

Inside the shadows: The new SaaS security risks of Shadow AI in 2026 

<p>A lot of ink has been spilled on AI threats over the last few years and with good reason. AI is undoubtedly changing the cyber threat landscape in ways positive and negative. <a href="https://www.anthropic.com/glasswing">Anthropic&rsquo;s announcement of Project Glasswing</a> this week is a great example of a positive way (for now) AI is helping keep organizations more secure as major companies like Google, Apple, Anthropic, and NVIDIA band together to use Claude Mythos<sup>2</sup> to scan for vulnerabilities across critical software in a responsible manner. Are there concerns this capability can and will be replicated by less responsible organizations and malicious threat actors to identify and exploit vulnerabilities before they are patched? Absolutely, but we&rsquo;ll get to that another day. For now, let&rsquo;s focus on the topic of AI threats and how to frame them in a way that is manageable, particularly for small and midsized businesses that may be overwhelmed by the sheer volume of threat reporting out there. This post will be the first in a series on how to think about AI threats that will help organizations frame these issues in a way that will allow them to parse out what&rsquo;s noise and what needs action and what can be done about it. </p>
<p>For this first piece, let&rsquo;s focus on breaking down &ldquo;AI threats&rdquo; into two subdivisions&hellip;threats TO AI, which we will address in future posts, and threats FROM AI, which is what the majority of current cybersecurity media reporting is currently focused on. These threats generally fall into a few major categories; examples of these include: </p>
<ul style="list-style-type: disc;">
    <li><span style="text-decoration: underline;">Phishing</span>: &ldquo;AI-enabled phishing&rdquo; served as the bow wave of AI threats. This started largely as phishing campaigns using AI to draft higher quality emails, devoid of the typical spelling and grammar mistakes that served as the hallmark of spam for decades, before evolving to include AI-driven reconnaissance and spearphishing that enabled the creation of more targeted messages and campaigns at a larger scale. This has now progressed to the creation of whole phishing kits enabled by AI, including writing the code for interstitial (referral) pages, security research detection and obfuscation measures, and the creation of custom phishing pages. The LastPass Threat Intelligence team assesses we have seen this last phase of activity in phishing campaigns targeting our own customers, in fact. </li>
    <li><span style="text-decoration: underline;">Malware Development</span>: The use of AI to improve and even develop new and custom malware has been a long-standing concern and one that has borne out over the last few years. Threat actors are either developing unique and malicious large-language models (LLMs) to help them with this or finding ways to jailbreak legitimate models to assist in the creation and/or improvement of malware. Reports from major AI companies <a href="https://www-cdn.anthropic.com/b2a76c6f6992465c09a6f2fce282f6c0cea8c200.pdf">such as Anthropic</a> confirm these efforts and again, our own analysis has uncovered indicators of AI involvement in the creation of custom phishing kits which, while not malware per se, demonstrate the use of AI to create code with malicious intent.</li>
    <li><span style="text-decoration: underline;">Deep Fakes and Disinformation</span>: This category refers to the use of AI to generate deliberately misleading written, audio, or video material. The use of deep fakes has long been a concern but is becoming more of a reality in cyber attacks targeting organizations, most notable in recent campaign by North Korea in which nation-state cyber threat actors leverage deep fakes of whole teams to arrange virtual meetings with individuals generally with goal of compromised their machine and/or network to enable further attacks targeting credentials, tokens, and/or cryptocurrency. The recent supply chain attack <a href="https://github.com/axios/axios/issues/10636#issuecomment-4180237789">targeting the Axios software on npm</a> is a great example of this. </li>
    <li><span style="text-decoration: underline;">Increased Speed and Scale of Operations</span>: Just as many people are, cyber threat actors are using AI (particularly agentic AI) to automate their operations, allowing them to plan and execute their attacks at unprecedented speed and scales. A <a href="https://assets.anthropic.com/m/ec212e6566a0d47/original/Disrupting-the-first-reported-AI-orchestrated-cyber-espionage-campaign.pdf">separate Anthropic report from last November</a> detailed an extensive cyberespionage campaign linked to Chinese nation-state threat actor that was orchestrated by AI and since then, there are increasing indications these approaches are being leveraged by a broader range of threat actors. </li>
    <li><span style="text-decoration: underline;">Lowered Technological Barrier of Entry</span>: &ldquo;Vibe coding&rdquo; isn&rsquo;t just for people looking to create their killer app&hellip; cyber threat actors are doing it, too. The derisive terms &ldquo;script kiddies&rdquo; or &ldquo;skiddos&rdquo; have been around in cybersecurity forever, referring to individuals using simple techniques or scripts to attempt to conduct cyber attacks&hellip; for a long time, this was largely a nuisance issue, particularly for well-defended organizations. Now, however, AI is allowing &ldquo;n00bs&rdquo; to pose legitimate threats as they are able use AI tools to create and launch various attacks, similar to what we discussed above. When these &ldquo;&rsquo;bad vibe&rsquo; coding&rdquo; attacks are combined with the larger &ldquo;evil-as-a-service&rdquo; cybercrime ecosystem (ransomware-as-a-service, phishing-as-a-service, etc.), these relatively unsophisticated threat actors become serious concerns that can punch well above their weight. </li>
</ul>
<p>This list is by no means exhaustive but it does demonstrate the threats organizations are facing FROM AI&hellip; in other words, those threats that are enabled by AI. The good news is that while these threats generate a lot of reporting, for the most part, existing controls when well-implemented can mitigate much of the threat from these. Remember, the TYPES of attacks associated with the points above aren&rsquo;t fundamentally different from what existed previously, it is HOW they are creating and conducting them that is largely changing. I would argue the largest shift on this front right now is the last bullet point: the threat environment is growing because just about anyone with a computer and a bad attitude can now jump into the cybercrime ecosystem, which means there are MORE attacks to worry about. But again, passwords, MFA, passkeys, patching, and other basic cyber hygiene measures can address most of these concerns. </p>
<p>Stay tuned as we move on in this series&hellip; next up, we will start to dig into threat TO AI, starting with a look at why the use of AI by organization creates a unique threat model and how to frame these threats in a way that can help you address them in an organized and methodical manner. </p>

Thinking About Cyber Threats in the Age of AI

This blog post focuses on the topic of AI threats and how to frame them in a way that is manageable, particularly for small and midsized businesses that may be overwhelmed by the sheer volume of threat reporting out there. This post will be the first in a series on how to think about AI threats that will help organizations frame these issues in a way that will allow them to parse out what’s noise and what needs action and what can be done about it. 

“Well, We Had a Good Run”: Thinking About Cyber Threats in the Age of AI

Your Survival Guide to Infosecurity Europe, ExCeL London June 2-4, 2026: The Event Attackers Wish You’d Skip

<ul class="ul1" style="color: #000000;">
    <li class="li1" style="margin: 0px;">Infosecurity&nbsp;Europe&nbsp;will be held in&nbsp;ExCeL&nbsp;London, from June 2-4, 2026.&nbsp;&nbsp;</li>
    <li class="li1" style="margin: 0px;">Don't&nbsp;wait: Registration for&nbsp;Infosecurity&nbsp;Europe&nbsp;is free up to May 4th, 2026, for all passes except SANS Institute Workshops. On May 5<sup>th</sup>,&nbsp;you&rsquo;ll&nbsp;pay &pound;49+VAT.&nbsp;</li>
    <li class="li1" style="margin: 0px;">This year&rsquo;s hottest topics will focus on agentic AI, emerging ransomware tactics, the post quantum threat, and the shrinking gap between misconfiguration and exploitation.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Yes! LastPass, a leading global Secure Access provider, will be at&nbsp;Infosecurity&nbsp;Europe&nbsp;2026. Scroll down to see how to win&nbsp;exclusive&nbsp;swag and bag a 1:1 meet with a LastPass executive. </li>
    <li class="li1" style="margin: 0px;">All work and no play makes for a dull day. See the FAQ section for the best dining options and the London attractions you&nbsp;don&rsquo;t&nbsp;want to miss.&nbsp;</li>
</ul>

Key takeaways: Infosecurity Europe

FAQs: Infosecurity Europe 2026

Everything you need to know about Infosecurity Europe 2026 — dates, passes, top sessions, networking events, and what's waiting at the LastPass booth (D104).

Identity is no longer a person — it's anything that can take action in your environment. Non-human identities (NHIs) now outnumber human users in most environments. From a threat perspective, that means the number of credentials organizations have to lock down has increased exponentially.

Non‑Human Identities Are a Growing AI Security Risk — Here’s Why

<ul class="ul1" style="color: #000000;">
    <li class="li1" style="margin: 0px;">Non-human identities increase security risks by introducing&nbsp;persistent access paths, as their credentials rarely expire, rotate, or map to accountable owners.&nbsp;</li>
    <li class="li1" style="margin: 0px;">You&nbsp;don&rsquo;t&nbsp;need a dedicated security team to make&nbsp;progress.The&nbsp;fastest risk reduction comes from knowing where access exists, assigning ownership, and enforcing repeatable credential hygiene.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Unapproved AI and SaaS app usage&nbsp;is&nbsp;the primary multiplier of NHI risk.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Ownership is the most&nbsp;effective&nbsp;missing control. Non‑human identities may not&nbsp;map to&nbsp;employees, but they should still have accountable human owners to prevent orphaned access.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Centralizing shared credentials and applying basic access policies is the first step in effective credential rotation.&nbsp;</li>
    <li class="li1" style="margin: 0px;">LastPass can help govern the access behaviors, SaaS usage, and credential practices attackers exploit to reach machine environments.</li>
</ul>

   Key takeaways: non-human identities — the security risk that’s flying under your radar

FAQs: Non-human identities: The security risk that’s flying under your radar

 Non-human identities are multiplying faster than teams can manage. Learn what NHIs are, why they're a growing risk, and how to reduce your exposure.

<p>A great onboarding experience sets new hires up for success from day one, helping team members understand their role, build relationships with their
teammates, and start contributing faster. And when the process is smooth and well-organized, it reflects positively on your company culture before your hew
hires even finished their first week.</p>
<p>The best onboarding programs include structured schedules, clear expectations, mentorship, and secure ways to share access to the tools new hires need. A
Secure Access solution like&nbsp;<a class="Hyperlink SCXW137436711 BCX0" href="https://www.lastpass.com/" target="_blank" rel="noopener noreferrer" style="color: inherit; background-color: #ffffff; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW137436711 BCX0" style="margin: 0px; padding: 0px; color: #1155cc;"><span class="NormalTextRun SCXW137436711 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;">LastPass</span></span></a><span data-contrast="auto" class="TextRun SCXW137436711 BCX0" style="background-color: #ffffff; margin: 0px; padding: 0px; color: #000000;"><span class="NormalTextRun SCXW137436711 BCX0" style="margin: 0px; padding: 0px;"></span></span> can help with making credential handoffs simple for IT and new employees alike.</p>
<div class="button-container"><a href="https://www.lastpass.com/trial/business?max=true"><button class="lp-button lp-button--primary">Try Business Max</button></a></div>
<p>Below are ten onboarding best practices worth building into your process.</p>
&nbsp;
<div id="calloutcontent1">&nbsp;</div>
<h2>How to build a great employee onboarding experience</h2>
<h3>1. Start the onboarding process before day one</h3>
<p>The best onboarding experiences begin before your new hire walks through the door. Starting early is your chance to handle administrative tasks like
paperwork, tax forms, and benefits enrollment so team members aren't buried in logistics on their first day.</p>
<p>Send a welcome email that includes what to expect during the first week, who to meet, and any reading materials that might help with getting up to speed.
Include practical details too, like where to go on arrival, what time to show up, and who to ask for at reception.</p>
<p>This early communication signals that your company is organized and that you're genuinely excited to have them join. It also gives new hires time to prepare
questions and mentally shift into their new role.</p>
<h3>2. Have all accounts and tools ready to go on arrival</h3>
<p>Before your new hire arrives, make sure their laptop is configured, accounts are created, and all necessary applications are installed. This way, your
people can focus on learning and meeting the team instead of waiting for IT access.</p>
<p>This requires coordination between HR, IT, and the hiring manager. Create a checklist of every tool and account the role needs. Does the new hire need
access to your CRM? Project management software? Communication tools like Slack or Teams? Get all of this sorted ahead of time.</p>
<p>A solution with password management makes credential handoffs much easier. Instead of sending login details through insecure channels, you can share access
through&nbsp;<a class="Hyperlink SCXW98463182 BCX0" href="https://www.lastpass.com/features/shared-folders" target="_blank" rel="noopener noreferrer" style="color: inherit; background-color: #ffffff; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW98463182 BCX0" style="margin: 0px; padding: 0px; color: #467886;"><span class="NormalTextRun SCXW98463182 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;"></span></span></a><a class="Hyperlink SCXW98463182 BCX0" href="https://www.lastpass.com/features/shared-folders" target="_blank" rel="noopener noreferrer" style="color: inherit; background-color: #ffffff; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW98463182 BCX0" style="margin: 0px; padding: 0px; color: #1155cc;"><span class="NormalTextRun SCXW98463182 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;">encrypted folders</span></span></a><span data-contrast="auto" class="TextRun SCXW98463182 BCX0" style="background-color: #ffffff; margin: 0px; padding: 0px; color: #000000;"><span class="NormalTextRun SCXW98463182 BCX0" style="margin: 0px; padding: 0px;">&nbsp;</span></span> that keep sensitive information protected.</p>
<p><a href="https://www.lastpass.com/trial/business?max=true"><button class="lp-button lp-button--primary">Try Business Max</button></a></p>
<h3>3. Assign a buddy or mentor for the first few weeks</h3>
<p>New employees often have questions they might hesitate to ask their manager. That's where an onboarding buddy comes in. This person serves as a friendly
resource for the day-to-day questions that don't quite warrant a meeting.</p>
<p>Choose a buddy who knows the company well and genuinely enjoys helping others. This shouldn't feel like a burden for either party. The buddy can explain
unwritten rules, introduce new hires to colleagues, and help them navigate office culture.</p>
<p>Regular informal check-ins with the buddy during the first few weeks help new hires feel more comfortable and connected. It's also a chance for them to hear
honest perspectives about what it's really like to work at your company.</p>
<h3>4. Create a structured first-week schedule</h3>
<p>A clear first-week schedule helps new hires know exactly what to expect and where to focus their energy.</p>
<p>Map out each day with a mix of orientation sessions, team introductions, training, and independent time. Build in breaks so new hires aren't overwhelmed
with back-to-back meetings. Include time for them to explore their tools, read documentation, and ask questions.</p>
<p>Share the schedule before the start date so team members know what's coming. Knowing what to expect helps reduce first-day nerves and allows employees to
arrive ready to engage.</p>
<h3>5. Set clear 30-60-90-day expectations and goals</h3>
<p>New hires want to know what success looks like in their role. Clear goals give them focus and direction.</p>
<p>Work with the hiring manager to define specific, measurable objectives for the first 30, 60, and 90 days. Think about what skills new hires need to develop,
what projects they should be involved in, and how much independence they should have by each milestone. The specifics will vary depending on the role, but
having clear benchmarks gives new hires something concrete to work toward.</p>
<p>Write these expectations down and review them together. Check in regularly to track progress and adjust goals if needed. This framework gives new hires a
roadmap and reassures them that they're on track.</p>
<h3>6. Introduce company culture early</h3>
<p>Onboarding often focuses heavily on compliance training and policy reviews. While these are necessary, they don't tell new hires who you really are as a
company. Culture needs intentional introduction too.</p>
<p>Share your company's mission, values, and the "why" behind what you do. Explain how teams collaborate, how decisions get made, and what behaviors are
celebrated. If possible, have leadership share the company's story directly.</p>
<p>Introduce new hires to different departments early on, even if they won't work together directly. This helps your new team members understand how their role
fits into the bigger picture and builds cross-functional relationships from the start.</p>
<h3>7. Use secure systems to share credentials and sensitive access</h3>
<p>Email and Slack messages weren't designed for sharing login credentials. <a class="Hyperlink SCXW34812729 BCX0" href="https://www.lastpass.com/password-manager" target="_blank" rel="noopener noreferrer" style="color: inherit; background-color: #ffffff; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun SCXW34812729 BCX0" style="margin: 0px; padding: 0px; color: #1155cc;">Password management</span></a>&nbsp;offers a better way to get new hires the access they need.</p>
<p>With password management, you can share specific credentials through encrypted folders and control exactly what each person can see. When permissions change
or someone leaves, you can revoke access in a few clicks.</p>
<p><a href="https://www.lastpass.com/trial/business?max=true"><button class="lp-button lp-button--primary">Try Business Max</button></a></p>
<p>This keeps sensitive information protected while making life easier for IT. New employees get what they need on day one, and admins stay in control.</p>
<h3>8. Schedule regular check-ins throughout the first 90 days</h3>
<p>Regular check-ins with their manager help new hires feel supported, answer questions early, and show that you're invested in their success.</p>
<p>Weekly one-on-ones during the first month work well, then you can shift to biweekly as they settle in. Use these conversations to discuss how onboarding is
going, what's working, and where new hires need more support.</p>
<p>Check-ins also give managers insight into how the onboarding process itself is performing. If the same questions or frustrations keep coming up, that's
feedback you can use to improve things for future hires.</p>
<h3>9. Don't overwhelm new hires with everything at once</h3>
<p>It's tempting to front-load onboarding with every piece of information a new hire might eventually need. But too much too fast leads to information
overload. People can only absorb so much before details start slipping through the cracks.</p>
<p>Prioritize what's essential for the first week and save deeper training for later. New employees don't need to master every system on day two. Conduct your
training in phases so new hires can build competence gradually rather than feeling buried.</p>
<p>Give new employees permission to learn at their own pace where possible. Let them know it's okay to revisit training materials and ask questions later. This
takes the pressure off and leads to better retention.</p>
<h3>10. Collect feedback to improve your onboarding process</h3>
<p>Onboarding isn't a one-and-done project. The best programs evolve based on input from the people who go through them. Ask new hires for feedback at multiple
points: after week one, after 30 days, and after 90 days.</p>
<p>Keep questions specific. What felt confusing? What information did they wish they had sooner? What surprised them about the company or role? Their fresh
perspective is invaluable because they notice things long-term employees no longer see.</p>
<p>Use this feedback to make tangible improvements. When new hires see their input put into action, it reinforces that their voice matters, which is itself a
powerful onboarding experience.</p>
<h2>How LastPass helps you onboard employees securely</h2>
<p>LastPass makes it easy to share credentials with new hires securely. You can organize passwords into shared folders by team, department, or project, and
grant new employees access to exactly what they need for their role. Instead of sending logins over email or Slack, everything stays <a class="Hyperlink SCXW72345596 BCX0" href="https://www.lastpass.com/security" target="_blank" rel="noopener noreferrer" style="color: inherit; background-color: #ffffff; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW72345596 BCX0" style="margin: 0px; padding: 0px; color: #467886;"><span class="NormalTextRun SCXW72345596 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;"></span></span></a><a class="Hyperlink SCXW72345596 BCX0" href="https://www.lastpass.com/security" target="_blank" rel="noopener noreferrer" style="color: inherit; background-color: #ffffff; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW72345596 BCX0" style="margin: 0px; padding: 0px; color: #1155cc;"><span class="NormalTextRun SCXW72345596 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;">encrypted and protected</span></span></a>.</p>
<p class="Paragraph SCXW258403471 BCX0" paraid="527509673" paraeid="{c2c859ec-0995-4779-b1ad-7eb5bde0ba4e}{118}" style="color: windowtext; background-color: transparent; margin: 16px 0px; padding: 0px;"><span data-contrast="auto" class="TextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;">If your company uses an&nbsp;</span><a class="Hyperlink SCXW258403471 BCX0" href="https://www.lastpass.com/features/directory-integration" target="_blank" rel="noopener noreferrer" style="color: inherit; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW258403471 BCX0" style="margin: 0px; padding: 0px; color: #467886;"><span class="NormalTextRun SCXW258403471 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;"></span></span></a><a class="Hyperlink SCXW258403471 BCX0" href="https://www.lastpass.com/features/directory-integration" target="_blank" rel="noopener noreferrer" style="color: inherit; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW258403471 BCX0" style="margin: 0px; padding: 0px; color: #1155cc;"><span class="NormalTextRun SCXW258403471 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;">identity provider</span></span></a><span data-contrast="auto" class="TextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;">&nbsp;like Microsoft Entra ID, Google Workspace, Okta, or OneLogin, LastPass can automatically create accounts for new hires when you add them to your directory. This saves time and means one less thing for IT to set up manually.</span><span class="EOP SCXW258403471 BCX0" data-ccp-props="{'134233117':false,'134233118':false,'201341983':0,'335559738':240,'335559739':240,'335559740':276}" style="margin: 0px; padding: 0px;"></span></p>
<p class="Paragraph SCXW258403471 BCX0" paraid="1503984376" paraeid="{c2c859ec-0995-4779-b1ad-7eb5bde0ba4e}{120}" style="color: windowtext; background-color: transparent; margin: 16px 0px; padding: 0px;"><span data-contrast="auto" class="TextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;">And if someone forgets their master password during their first week, LastPass offers several</span><a class="Hyperlink SCXW258403471 BCX0" href="https://support.lastpass.com/help/about-account-recovery-options-in-lastpass" target="_blank" rel="noopener noreferrer" style="color: inherit; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW258403471 BCX0" style="margin: 0px; padding: 0px; color: #467886;"><span class="NormalTextRun SCXW258403471 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;">&nbsp;</span></span></a>&nbsp;<a class="Hyperlink SCXW258403471 BCX0" href="https://support.lastpass.com/help/about-account-recovery-options-in-lastpass" target="_blank" rel="noopener noreferrer" style="color: inherit; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW258403471 BCX0" style="margin: 0px; padding: 0px; color: #1155cc;"><span class="NormalTextRun SCXW258403471 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;">recovery options</span></span></a><span data-contrast="auto" class="TextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;"><span class="NormalTextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;">&nbsp;so&nbsp;</span><span class="NormalTextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;">news hires&nbsp;</span><span class="NormalTextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;">aren&rsquo;</span><span class="NormalTextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;">t</span><span class="NormalTextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;">&nbsp;stuck waiting on IT.</span></span><span class="EOP SCXW258403471 BCX0" data-ccp-props="{'134233117':false,'134233118':false,'201341983':0,'335559738':240,'335559739':240,'335559740':276}" style="margin: 0px; padding: 0px;"></span></p>
<p class="Paragraph SCXW258403471 BCX0" paraid="910223111" paraeid="{c2c859ec-0995-4779-b1ad-7eb5bde0ba4e}{122}" style="color: windowtext; background-color: transparent; margin: 16px 0px; padding: 0px;"><a class="Hyperlink SCXW258403471 BCX0" href="https://www.lastpass.com/" target="_blank" rel="noopener noreferrer" style="color: inherit; margin: 0px; padding: 0px;"><span data-contrast="none" class="TextRun Underlined SCXW258403471 BCX0" style="margin: 0px; padding: 0px; color: #1155cc;"><span class="NormalTextRun SCXW258403471 BCX0" data-ccp-charstyle="Hyperlink" style="margin: 0px; padding: 0px;">Try LastPass free</span></span></a><span data-contrast="auto" class="TextRun SCXW258403471 BCX0" style="margin: 0px; padding: 0px;">&nbsp;and see how it fits into your onboarding process.</span></p>
<div id="callout">&nbsp;</div>

10 employee onboarding best practices in 2026

<ul class="ul1" style="color: #000000;">
    <li class="li1" style="margin: 0px;">Starting onboarding&nbsp;before day one helps new hires feel prepared and reduces first-day anxiety.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Having accounts and credentials ready through a tool like LastPass&nbsp;eliminates&nbsp;frustrating access delays.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Assigning mentors and scheduling regular check-ins keeps new employees engaged and supported.&nbsp;</li>
    <li class="li1" style="margin: 0px;">Clear&nbsp;30-60-90-day&nbsp;goals give new hires direction and measurable milestones to work toward. </li>
    <li class="li1" style="margin: 0px;">Collecting feedback throughout onboarding helps you&nbsp;identify&nbsp;gaps and improve the process over time.&nbsp;</li>
</ul>

Key takeaways: Employee onboarding best practices

FAQs about employee onboarding best practices

Discover employee onboarding best practices that help new hires succeed from day one, including secure credential sharing and structured schedules.

10 Employee Onboarding Best Practices to Start Your Employee Off in the Right Direction

<p>One chapter in the saga of infostealer malware has ended&mdash;at least for now&mdash;after a global law enforcement takedown of Lumma Stealer in mid-May. US, European, and Japanese authorities, with the help of tech companies including Microsoft and Cloudflare, took down, suspended, and blocked approximately 2,300 malicious domains that made up part of the infostealer&rsquo;s backbone. The FBI also seized domains that served as login panels allowing other criminals to access and use the infostealer. Although, this seizure is intended to effectively prevent criminals from being able to access Lumma to compromise computers and steal data, the overall stealer threat will remain prevalent for the foreseeable future. </p>
<p><em>(Interested in learning more about the infostealer threat outlook? Read the LastPass TIME team&rsquo;s threat predictions and analysis on </em><a href="https://blog.lastpass.com/posts/2025-cybersecurity-trends"><em>what direction infostealers and other threats are heading</em></a><em>.) </em></p>
<h2>What is Lumma?</h2>
<p><strong><em> </em></strong></p>
<p>Lumma Stealer, also known as LummaC2, dominated the expanding stealer market with significant campaigns since it emerged as early as late 2022. Since its initial release, Lumma&rsquo;s developers have released multiple upgraded versions of the software. Before the malware-as-a-service (MaaS) platform was dismantled, the FBI linked Lumma to around <a href="https://www.malwarebytes.com/blog/news/2025/05/lumma-information-stealer-infrastructure-disrupted">10 million infections</a> globally. Lumma&rsquo;s follow-on attacks involving stealing credentials, cryptocurrency data, and credit card information have resulted in an estimated <a href="https://cyberscoop.com/lumma-infostealer-widespread-victims/">$36.5 million USD</a> in credit card theft in 2023. The malware hit individuals and a wide range of industries, including Fortune 500 companies, airlines, universities, banks, and hospitals. </p>
<p>What makes this stealer particularly effective is that it continues to evolve to bypass security layers even as defenders are responding to the threat. On top of grabbing browser-stored passwords and cookies, it&rsquo;s also capable of extracting autofill data, email credentials, File Transfer Protocol (FTP) data, and two-factor authentication tokens and backup codes. Using its MaaS platform, its creators sold access to the malware on multiple underground markets and platforms like Telegram. </p>
<h2>What comes next?</h2>
<p><strong><em> </em></strong></p>
<p>This takedown is a major win for law enforcement and will help disrupt the initial access broker ecosystem in the near term. However, this is an ecosystem that has demonstrated its resilience again and again. The number of existing infostealer families, the open access to numerous source codes of previous infostealers, and the constant demand create a lucrative environment with very low barriers to entry. Given the resiliency of this market, other infostealer will likely quickly step in and fill in the gaps left after the Lumma takedown. </p>
<p>A similar pattern previously played out with other similar takedowns. On October 28, 2024, Operation Magnus disrupted the RedLine and META infostealers. RedLine was a significant stealer last year up until the takedown, after which Lumma grew in popularity and took over a portion of the market share previously held by RedLine. Redline infected 9.9 million hosts, or 43% of all infostealer infections observed by Flashpoint in 2024. The next four most-prolific infostealers in 2024, including RisePro, SteaC, Lumma Stealer, and Meta Stealer, infected a <a href="https://cyberscoop.com/infostealers-cybercrime-surged-2024-flashpoint/">combined 7 million hosts</a>. </p>
<p>We expect to see something similar following the Lumma Stealer takedown operation. The disruption effect following takedown is real, but there are still some new infections and logs for sale that were likely stolen before the infrastructure was taken down. Additionally, just because Lumma&rsquo;s infrastructure was dismantled, a lot of the data it stole likely continues to live on the dark web&mdash;thanks to the cybercriminal ecosystem that resells this information. <span>Additionally, <a href="https://blog.checkpoint.com/security/lumma-infostealer-down-but-not-out/">CheckPoint</a> reported Lumma&rsquo;s developers are already trying to rebuild and restart their operations, which may or may not be successful.&nbsp;</span>As SpyCloud&rsquo;s <a href="https://www.linkedin.com/posts/thilligoss_lummatakedown-lummareallynowork-stealc-activity-7332888157480198146-u94p">Trevor Hilligoss shared</a>, daily new Lumma infections have trended downward following the takedown but not as much as expected. Continued monitoring will be necessary to determine the takedown&rsquo;s impact. </p>
<p>Long-standing groups such as Vidar and Stealc are good examples of this, but other newer families, such as Acreed, will also be well positioned to increase their market share. <span><a href="https://www.bleepingcomputer.com/news/security/russian-market-emerges-as-a-go-to-shop-for-stolen-credentials/">ReliaQuests</a> already reported Acreed is rapidly gaining traction following the Lumma takedown. <a href="https://webz.io/dwp/acreed-infostealer-everything-we-know-so-far/">Over 4,000 logs</a> stolen by Acreed were reportedly uploaded to the Russian Market within its first week of operations.&nbsp;</span>Nexus has also gained some traction over the last week in Lumma&rsquo;s absence. Further, former affiliates and/or administrators associated with Lumma itself may split off to create their own offerings.</p>
<p style="text-align: center;">
<img src="https://cdn.lputil.com/-/media/ffef2d4ef9d544babc2169a6d0274059.jpg?h=310&amp;w=624" >&nbsp;</p>
<p style="text-align: center;"><em>Daily new LummaC2 infections (Source: Trevor Hilligoss)</em></p>
<h2>How to protect yourself against infostealers</h2>
<p>The threat from infostealers will remain very real for the foreseeable future and continue to adapt. Oftentimes, stealers are used in indiscriminate campaigns. Additionally, the sheer volume of data that has been dumped on the internet is immense. That means anyone is fair game and should take action to protect themselves following that assumption that they could be targeted. </p>
<ul>
    <li><strong>Use strong, unique passwords for every account.</strong> This will prevent credential stuffing attacks, which is a common tactic where threat actors insert stolen usernames and passwords. That way, if one password is exposed, it won&rsquo;t give access to all your other accounts where you reuse the same password. Also, consider using a password manager to securely and conveniently store them.</li>
    <li><strong>Enable MFA on your accounts.</strong> While this measure isn&rsquo;t failproof on its own, it adds an additional layer of defense and makes you a harder target.</li>
    <li><strong>Be on guard for phishing attempts.</strong> Infostealers often spread through phishing emails and malicious downloads. </li>
    <li><strong>Check HaveIBeenPwned to monitor potential exposure </strong>if you&rsquo;re worried you may have been infected by an infostealer. </li>
</ul>

What the Lumma stealer takedown means for the infostealer market and your personal data

Lumma Stealer, also known as LummaC2, dominated the expanding stealer market with significant campaigns since it emerged as early as late 2022

Dark Side of the Lumma: What the Lumma stealer takedown means for the infostealer market and your personal data

Passkey vs Password: Which is More Secure? | LastPass

FAQs: Passkey vs password

Explore the differences between passkeys and passwords. Learn how LastPass enhances security and simplifies access with advanced authentication methods.

Blog

Blog

Recent

News & Insights

Cybersecurity

Product Tutorials

Threat Intel

Product Updates

Tips And Tricks