http://www.ph-v.net/ Web blog d'un ingénieur en sécurité informatique. IT Security watcher's blog: news, threats analysis, AV issues, PoC, IT security, bugs... Contact: philippe.vialle@wanadoo.fr fr Sun, 19 Feb 2012 06:02:53 +0100 Sun, 19 Feb 2012 06:02:53 +0100 Over-blog.com RSS 2.0 Engine Copyright 2012 www.ph-v.net Hi Tech http://www.rssboard.org/rss-specification/ http://www.ph-v.net/article-old-versions-of-firefox-left-over-at-risk-98481626.html
Let's say that you start an old box, even a WinXP... that had not been used for a while. Because you're aware of security risks if you don't update your software, you try to update the whole stuff. Windows Updates works like a charm, and may deploy 100 updates with 1 or 2 reboots, okay fine.[...]]]> Thu, 02 Feb 2012 23:58:00 +0100 13724415fec8bc44bea6a4eb2bb915b4 http://www.ph-v.net/article-old-versions-of-firefox-left-over-at-risk-98481626-comments.html#anchorComment http://www.ph-v.net/article-antivirus-dans-le-nuage-pour-de-bon-98481318.html Thu, 02 Feb 2012 23:48:00 +0100 a00ebbd70d5bc6becf43da3c7b729823 http://www.ph-v.net/article-antivirus-dans-le-nuage-pour-de-bon-98481318-comments.html#anchorComment http://www.ph-v.net/article-nouveau-webmail-de-free-ancienne-version-de-php-97566299.html
Je ne dois pas être le seul à l'avoir vu, l'opérateur en fait l'annonce sur son portail dès l'instant que l'on rentre dans la partie "webmail"... Mais le problème est que l'infra Zimbra en question ne semble pas elle aussi neuve : D'après le site éditeur de PHP, cette version 5.2 n'est plus[...]]]> Fri, 20 Jan 2012 23:37:00 +0100 bb1c63b905f5299d496dd6b496f7675d Veille sécurité http://www.ph-v.net/article-nouveau-webmail-de-free-ancienne-version-de-php-97566299-comments.html#anchorComment http://www.ph-v.net/article-gtalk-bot-leading-users-to-porn-related-dating-website-97087350.html
An old-fashion IM bot, but this time over GTalk... Here is the chat: loveflor3 hey whats up? 23/F here. youu? moi Sunny. Thx loveflor3 hmm. have we chattted before? moi Yes loveflor3 oh ok. l wasn't sure. anywayz.... whats up? 12:29 loveflor3 hello? 12:58 moi yes I'm having lunch loveflor3 im[...]]]> Sat, 14 Jan 2012 13:24:00 +0100 9dd37eb3a1d7065329e31ea0ee8ed14d Veille sécurité http://www.ph-v.net/article-gtalk-bot-leading-users-to-porn-related-dating-website-97087350-comments.html#anchorComment http://www.ph-v.net/article-android-ad-ware-case-study-96838069.html
I would believe we are back to Win 9x systems fashion, when adwares used to be legion (at least, in proportion compared to global threats trends at this time). But this case seems to concern any Android OS from 1.6 to 2.x, much more modern systems... In a nutshell, this adware will: - add an[...]]]> Wed, 11 Jan 2012 01:12:00 +0100 38f61d9444b12bf66de42a6c167be6f2 Veille virale http://www.ph-v.net/article-android-ad-ware-case-study-96838069-comments.html#anchorComment http://www.ph-v.net/article-facebook-https-certificate-rollback-96634725.html
A bit strange, isn't it, that alert from Certificate patrol? This came up while accessing Facebook with Firefox... Well, that would mean Facebook rolled back their HTTPS certificate, to re-use a former one, issued on November 2010... Why so? no real clue... How are we (professionals) supposed[...]]]> Sun, 08 Jan 2012 21:20:00 +0100 3732d23492ac440ef75999bdc3080de0 Veille sécurité http://www.ph-v.net/article-facebook-https-certificate-rollback-96634725-comments.html#anchorComment http://www.ph-v.net/article-deni-de-service-gmail-96632856.html
Qui a dit que cela n'arrivait pas à tous les fournisseurs de service ? GMail ne fait pas exception à la règle. Bien que le Copyright sur la page date de 2008, le message lui, date bien de 2011 ! (je n'avais pas eu l'occasion de le poster). Attention donc à ceux qui veulent "mettre dans le[...]]]> Sun, 08 Jan 2012 20:49:00 +0100 4390af9b073c6ee0ba33dd1172901c92 Veille sécurité http://www.ph-v.net/article-deni-de-service-gmail-96632856-comments.html#anchorComment http://www.ph-v.net/article-erreur-de-mise-a-jour-kaspersky-menant-au-plantage-96631536.html
Il y a peu, en démarrant la machine, Kaspersky a affiché des avertissements et la session ne se chargeait plus correctement (pas complètement). Voici tout d'abord les infos de version du produit, pour savoir de quoi il est question : Ensuite, le message d'erreur proprement dit (apparu donc[...]]]> Sun, 08 Jan 2012 20:34:00 +0100 b3349d0adb74d94a13bd1c8cf97eecbb Veille sécurité http://www.ph-v.net/article-erreur-de-mise-a-jour-kaspersky-menant-au-plantage-96631536-comments.html#anchorComment http://www.ph-v.net/article-viadeo-rappele-a-l-ordre-par-trusteer-91720941.html
L'avertissement est, je pense, suffisamment explicite ! Mais où se cache le HTTPS ? Solution possible : utiliser HTTPS EveryWhere dans Firefox...]]> Thu, 08 Dec 2011 01:08:00 +0100 890379e1199575e21f5f5e52ea9a4f3f http://www.ph-v.net/article-viadeo-rappele-a-l-ordre-par-trusteer-91720941-comments.html#anchorComment http://www.ph-v.net/article-new-fake-av-spreading-over-email-gmail-91519923.html
First I thouht this was like regular spam, and something close to Viagra (and others...). But, in the end, no... The contact told me his "mail account" had been stolen, whereas I do believe his computer has been compromised (and then, the bad guys used that to gain access to the email[...]]]> Tue, 06 Dec 2011 21:55:00 +0100 f3bf7ed92af3e3fb98eb6106c4901299 Veille virale http://www.ph-v.net/article-new-fake-av-spreading-over-email-gmail-91519923-comments.html#anchorComment