D\u00e9cid\u00e9ment, les webmail regorgent de probl\u00e8mes de s\u00e9curit\u00e9. La faille, corrig\u00e9e par Yahoo, permet de contourner les filtres anti-Javascript du webmail<\/p>\n
Ce jeudi, la soci\u00e9t\u00e9 Eeye a annonc\u00e9 avoir d\u00e9couvert une vuln\u00e9rabilit\u00e9 dans le webmail du g\u00e9ant Yahoo!, qui compte plusieurs millions d’utilisateurs. Ce probl\u00e8me de s\u00e9curit\u00e9 qui touche les protections anti-javascript du Webmail aurait pu permettre \u00e0 un attaquant de s’approprier n’importe quel compte email en envoyant un simple email pi\u00e9g\u00e9.<\/p>\n
Avant que cette information soit publique, Yahoo! avait d\u00e9j\u00e0 corrig\u00e9 la faille. On peut se demander alors pourquoi l’annoncer sur les listes sp\u00e9cialis\u00e9es. La r\u00e9ponse est simple, comme beaucoup d’entreprises sp\u00e9cialis\u00e9es dans la s\u00e9curit\u00e9, l’annonce publique de d\u00e9couvertes sensationnelles fait partie d’une strat\u00e9gie marketing bien rod\u00e9e.<\/p>\n
Nous noterons avec un l\u00e9ger sourire aux l\u00e8vres cette explication pr\u00e9sente \u00e0 la fin de l’alerte Eeye \u00ab\u00a0A remarkable note about this bug is that no one seems to have found it before. As far as anyone knows… \u00a0\u00bb R\u00e9jouissons nous, Eeye nous a sauv\u00e9.<\/p>\n
Alors qu’en France, l’Etat est en passe de restreindre nos droits en mati\u00e8re d’informations technique, aux Etats-Unis, publier une vuln\u00e9rabilit\u00e9 est bien souvent un v\u00e9ritable outil marketing.<\/p>\n
[source – Silicon.fr] Aur\u00e9lien Cabezon (c) Vulnerabilite.com <\/p>\n","protected":false},"excerpt":{"rendered":"
D\u00e9cid\u00e9ment, les webmail regorgent de probl\u00e8mes de s\u00e9curit\u00e9. La faille, corrig\u00e9e par Yahoo, permet de contourner les filtres anti-Javascript du webmail<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_citadela_custom_class":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-3396","post","type-post","status-publish","format-standard","hentry","category-securite"],"_links":{"self":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/3396","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3396"}],"version-history":[{"count":0,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/3396\/revisions"}],"wp:attachment":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3396"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3396"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3396"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}