Découvrez l’actualité Sécurité de la semaine avec la newsletter Adacis:

Au menu:

• Nouvelle Attaque contre RC4 ! Cette fois-ci faut vraiment arrêter de l’utiliser….

« Imperva has managed to exploit the vulnerability for plaintext recovery attacks in which an attacker can extract partial data from protected communications, including payment card details, passwords, and session cookies. The attack, dubbed “Bar Mitzvah,” is similar to BEAST (Browser Exploit Against SSL/TLS), but it’s considered more stable.« 

et un petit article qui explique comment le désactiver dans Chrome et Firefox !

• Google trouve de nouveaux faux certificats pour GMAIL

« On Friday, March 20th, we became aware of unauthorized digital certificates for several Google domains. The certificates were issued by an intermediate certificate authority apparently held by a company called MCS Holdings. This intermediate certificate was issued by CNNIC. « 

• Une nouvelle faille critique dans Android

« Roughly half of all Android handsets are vulnerable to a newly discovered hack that in some cases allows attackers to surreptitiously modify or replace seemingly benign apps with malicious ones that steal passwords and other sensitive data. »

• Les mots de passe des utilisateurs du service Twitch leakés

« We are writing to let you know that there may have been unauthorized access to some Twitch user account information.

For your protection, we have expired passwords and stream keys and have disconnected accounts from Twitter and YouTube »

• Attaque Bit Whisper contre les systèmes déconnectés ‘Air Gap’ en utilisant .. la chaleur !

« AIR-GAPPED SYSTEMS, WHICH are isolated from the Internet and are not connected to other systems that are connected to the Internet […] But security researchers at Ben Gurion University in Israel have found a way to retrieve data from an air-gapped computer using only heat emissions and a computer’s built-in thermal sensors.« 

• 700000 routeurs vulnérables !

« More than 700,000 ADSL routers provided to customers by ISPs around the world contain serious flaws that allow remote hackers to take control of them.

Most of the routers have a “directory traversal” flaw in a firmware component called webproc.cgi that allows hackers to extract sensitive configuration data, including administrative credentials.« 

• GitHub fait face au plus gros DDoS qu’il ait rencontré, les dépots ciblés sont principalement des outils de contournement du Great FireWall Chinois

« Late Thursday night, the popular coding site GitHub an​nounced that someone had been attacking the site with a “continuous” distributed denial of service attack for more than 24 hours.« 

• Un nouveau malware PoS découvert par Cisco

« Cisco has discovered a new malware threat against Point-of-Sale (PoS) terminals that has the potential to pilfer credit card details. The threat appears to be a lot more damaging than the malware that infected Target.« 

• Selon Akamai la plupart des attaques en 2014 provenaient de Chine

« A majority of the Internet attack traffic in 2014’s fourth quarter originated in China, followed by the U.S., according to cloud service provider Akamai.« 

• Les 5 risques majeurs de la fin de vie de Windows 2003

« […] Even companies on board to move to Windows Server 2012 in the face of Windows Server 2003’s July 2015 end-of-life deadline will face some security-related challenges.«