Basically you just need to turn off auto-login and auto-fill on all sites, no matter what your password manager is. All of the attacks depended on those two features, from what I could tell from a quick scan of the paper.
How can you set LastPass to globally disable auto-fill and auto-login? I checked again and I couldn't find any options in the extension or vault settings.
