ICT Security-Sécurité PC et Internet

Google is making passkeys the default option, aiming to replace passwords altogether.

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=PassKey

A new Android malware strain has been uncovered, part of the Rampant Kitten threat group’s widespread surveillance campaign that targets Telegram credentials and more.

Researchers have uncovered a threat group launching surveillance campaigns that target victims’ personal device data, browser credentials and Telegram messaging application files. One notable tool in the group’s arsenal is an Android malware that collects all two-factor authentication (2FA) security codes sent to devices, sniffs out Telegram credentials and launches Google account phishing attacks.

Researchers found the threat group, dubbed Rampant Kitten, has targeted Iranian entities with surveillance campaigns for at least six years. It specifically targets Iranian minorities and anti-regime organizations, including the Association of Families of Camp Ashraf and Liberty Residents (AFALR); and the Azerbaijan National Resistance Organization.

The threat group has relied on a wide array of tools for carrying out their attacks, including four Windows info-stealer variants used for pilfering Telegram and KeePass account information; phishing pages that impersonate Telegram to steal passwords; and the aforementioned Android backdoor that extracts 2FA codes from SMS messages and records the phone’s voice surroundings.

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

In April, with the GDPR deadline and its requirement for data portability looming, Instagram released the long-anticipated download your data tool. The feature gave users the ability to download images, posts and comments.

Unfortunately, Instagram turned the task of downloading your data into an exercise in exposing people’s passwords in plain text. Thankfully, the bug in the “download your data” tool only affected a handful of users, it said.

As The Information reported last week, Instagram told affected users on Thursday night that if they’d used the “download your data” feature, their passwords were showing up in plaintext in the URL of their browsers.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Instagram

LastPass has closed a remote code execution vulnerability on its Chrome extension, but according to Google Project Zero researcher Tavis Ormandy, issues remain on its Firefox extension, as well as details on another password-stealing vulnerability to come.

Writing in the Project Zero issue tracker, Ormandy said it was possible to proxy untrusted messages to LastPass.

"This allows complete access to internal privileged LastPass RPC commands," the researcher said. "There are hundreds of internal LastPass RPCs, but the obviously bad ones are things copying and filling in passwords (copypass, fillform, etc)."

MORE SECURITY NEWS

Secret Service laptop with Trump Tower plans stolen from car
Feature or flaw? How to hijack a Windows account in less than a minute
Internet of Things security: What happens when every device is smart and you don't even know it?
Microsoft Edge used to escape VMware Workstation at Pwn2Own 2017
Additionally, if a user has the LastPass binary component installed, the system was vulnerable to remote code execution.

Yahoo has disclosed that more than one billion accounts may have been stolen from the company's systems in another cyberattack.

The company said in a statement Wednesday after the markets closed that unnamed attackers stole the accounts in August 2013, a little over a year prior to a previously disclosed attack in September, in which attackers stole around 500 million accounts in 2014.

But the company said it wasn't able to identify the intrusion associated with August breach.

The statement said that the hackers may have stolen names, email addresses, telephone numbers, hashed passwords (using the weak, easy to crack MD5 algorithm) dates of birth, and in some cases encrypted or unencrypted security questions and answers.

Yahoo said it has invalidated unencrypted security questions and answers so that they cannot be used to access affected accounts.

But payment card data and bank account information, stored in separate systems, are not thought to have been stolen in the attack.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Yahoo...

http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cyberattacks

The web design platform Weebly was hacked in February, according to the data breach notification site LeakedSource. Usernames and passwords for more than 43 million accounts were taken in the breach, although the passwords are secured with the strong hashing algorithm bcrypt.

Weebly said in an email to customers that user IP addresses were also taken in the breach.

“We do not believe that any customer website has been improperly accessed,” Weebly said in the notice to users.” The company also said that it does not store credit card information, making fraudulent charges unlikely.

LeakedSource said it received the Weebly database from an anonymous source and notified Weebly of the breach. In addition to the customer notification emails, LeakedSource claims that password resets are being issued — but, if you’re a Weebly user and you don’t receive a password reset, you probably want to change your password anyway.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES

Die im Jahr 2012 von Hackern kopierte Dropbox-Datenbank ist online aufgetaucht. Die darin enthaltenen Passwörter sind zwar geschützt, etwa die Hälfte jedoch nur mit dem als nicht mehr sicher geltenden SHA1-Verfahren.

Der Sicherheitsforscher Thomas White hat 68 Millionen Passwort-Hashes von Dropbox-Nutzern veröffentlicht und stellt die Daten zum Download zur Verfügung. Unbekannte Angreifer haben die Passwörter Mitte 2012 abgezogen. Es ist davon auszugehen, dass die Daten echt sind.

E-Mail-Adresse plus Passwort-Hash
Alle Passwörter sind verschlüsselt. Rund bei der Hälfte greift das als sicher geltende Hash-Verfahren bcrypt. Beim Rest kommt ein einfacher SHA1-Hash mit Salt zum Einsatz. Diese Hashes lassen sich vergleichsweise schnell berechnen und Cracker könnten selbst gute Passwörter in überschaubarer Zeit knacken (siehe dazu Die Passwortknacker; Ein Blick hinter die Kulissen der Cracker).

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Dropbox

Do you have a Sky email account? There's potentially bad news - that service comes courtesy of Yahoo.

Here is what Sky is telling its customers:

At Sky, we take the security of our customers’ data and information extremely seriously.

You may have seen that overnight Yahoo! announced that a copy of certain user account information was stolen from its company’s network in late 2014. Yahoo! is the provider of sky.com email accounts.

If you are a sky.com email holder, in line with the advice provided by Yahoo!, we advise that you change your passwords online and follow good password management practices.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Yahoo...

Yes, hackers did manage to steal millions of account credentials back in 2012.
Make sure you have protected your account, and enabled two-step verification.

At the time, security commentators such as Brian Krebs, Troy Hunt and myselfurged internet users to be wary of the claims - as they had not been verified.

After all, it seemed possible that the data had been collected from heavily-reported mega breaches at Tumblr, LinkedIn and MySpace.

Now, however, Dropbox has confirmed to the media that a 5GB archive of files, containing the email addresses and hashed passwords for some 68,680,741 accounts, is genuine.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Dropbox

Opera has confirmed that an unknown hacker managed to gain access to its Opera sync system, potentially compromising the data of about 1.7 million active users. In response to the breach of Opera's web sync feature, which allows users to synchronise their browser data and settings across multiple platforms, the company has issued a forced password reset for all Sync users.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet

MySpace’s turn

Well, it’s happened again.

This time, the breach is said to come from MySpace, and the number of passwords claimed is an eye-popping 427 million.

Apparently, there are only 360 million users on the list, but some accounts have more than one password listed, for reasons that aren’t explained.

Once again, the passwords allegedly exposed in this breach were simple, unsalted SHA-1 hashes, vulnerable to just the same sort of high-speed try ’em all attack as in the LinkedIn breach of 2012.

According to Leaked Source, lots of passwords have already been cracked, with the top 50 choices so far accounting for more than 6 million passwords, or 1.5% of the total.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES

A newly uncovered trojan malware campaign is targeting businesses and higher education in what appears to be an effort to steal usernames, passwords and other private information as well as creating a persistent backdoor onto compromised systems.

Jupyter infostealer has been detailed by cybersecurity company Morphisec who discovered it on the network of an unnamed higher education establishment in the US. It's thought the trojan has been active since May this year.

The attack primarily targets Chromium, Firefox, and Chrome browser data, but also has additional capabilities for opening up a backdoor on compromised systems, allowing attackers to execute PowerShell scripts and commands, as well as the ability to download and execute additional malware.

The Jupyter installer is disguised in a zipped file, often using Microsoft Word icons and file names that look like they need to be urgently opened, pertaining to important documents, travel details or a pay rise.

If the installer is run, it will install legitimate tools in an effort to hide the real purpose of the installation – downloading and running a malicious installer into temporary folders in the background.

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Malware

Password manager LastPass has released an update last week to fix a security bug that exposes credentials entered on a previously visited site.

FIX AVAILABLE
LastPass, believed to be the most popular password manager app today, fixed the reported issue in version 4.33.0, released last week, on September 12.

If users have not enabled an auto-update mechanism for their LastPass browser extensions or mobile apps, they're advised to perform a manual update as soon as possible.

This is because yesterday, Ormandy published details about the security flaw he found. The security researcher's bug report walks an attacker through the steps necessary to reproduce the bug.

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Password+Managers

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Passwords

Password manager maker Keeper hit by another security snafu
The exposed server contained the company's downloadable software -- including a code-signing certificate.

Keeper, an embattled password manager maker currently suing a news reporter for defamation, left a server hosting the company's installer files exposed with full permissions, allowing anyone to access and replace files with malicious content, a security researcher told ZDNet.

Chris Vickery, who found the exposed server, immediately notified ZDNet of the exposure. We reached out to Keeper by phone and email on Friday. Within an hour of disclosure, the server had been secured.

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Password+Managers

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Passwords

Top 9 Password Manager Apps for Android Found Leaking Your Secrets.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/ict-security-tools/?&tag=Password-Tools

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Password+Managers

http://www.scoop.it/t/securite-pc-et-internet/?&tag=Android

Hundreds of millions of users put at risk after AdultFriendFinder and other sites suffer hack.

What has happened?

The AdultFriendFinder website appears to have been hacked, exposing the personal information of hundreds of millions of user accounts.

What is AdultFriendFinder?

I don’t want to be indelicate, so I’ll just tell you it’s strapline: “Hookup, Find Sex or Meet Someone Hot Now”.

Oh! So like Ashley Madison?

Yes, very much so. And we all know what a big story that was, how extortionists attempted to blackmail users, and how lives were damaged as a result. Fortunately, information about individuals’ sexual preferences do not appear to have been included in the exposed databases.

Still, it sounds nasty – and there clearly remains the potential for blackmail. Are there any .gov and .mil email addresses associated with the exposed accounts in this latest breach?

I’m afraid so. Of the 412 million accounts exposed on the breached sites, in 5,650 cases, .gov email addresses have been used to register accounts. The same goes for 78,301 .mil email addresses.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES

As long as there is a demand for cheap IoT devices, there will be plenty of manufacturers happy to cut corners and put the internet community at risk.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

A former Yahoo executive familiar with the company's security believes the hack involves many more than 500 million accounts, as Yahoo claims.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES

Yahoo has confirmed that at least 500 million Yahoo accounts were put at risk by a data breach in 2014. Here is what you need to know, and what you need to do.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Yahoo...

Dropbox hack released password of more than 68 million accounts online

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Dropbox

If you're a user of online backup service Carbonite, you're getting a new password. Don't make it one you've used somewhere before.

Carbonite has released a statement telling users it's run a system-wide password reset in the face of a password-reuse attack.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Passwords

http://www.scoop.it/t/securite-pc-et-internet/?tag=CARBONITE

Password Day is a day for "taking our passwords to the next level" - here are five traditions the crooks really don't want us to start.