Messages récents

Pages: [1] 2 3 4 5 6 7 8 ... 10
News / [AVAST]AV-Comparatives awards Avast top ranking | Avast
« Dernier message par igor51 le Aujourd'hui à 04:00:35 »
AV-Comparatives awards Avast top ranking | Avast

With so many cybersecurity products crowding the marketplace, consumers areav-comparatives-advanced-plus-malware-protection-test-award-march-2018 grateful for independent test lab AV-Comparatives. Like a friendly tech watchdog, the unbiased organization conducts monthly studies on security products, assessing detection and protection capabilities, among other things, and then publishing a report on its findings. The intent is to be a unbiased resource for consumers.

Source: AV-Comparatives awards Avast top ranking | Avast
5 tips for ultimate online security and privacy | Avast Infographic

avast-ultimate-security-privacy-infographic-finalCybersecurity encompasses multiple defenses. It’s not just an antivirus, it’s not just a VPN, it’s not just a password manager, internet security, and anti-track software. It’s all these things and more, working together to ensure every vulnerability is protected, whether the threats are coming from a phishing email, a malicious website, a botnet, public Wi-Fi, or other avenue. Cybercriminals are trying every angle to crack into our data, and they won’t rest until they do. 


Click to view a larger version of the infographic here.


We need to defend our digital lives comprehensively. Here are 5 ways to protect yourself online:

  1. Get Antivirus Protection: Every month, our network protects hundreds of millions of users from 2 billion malware attacks. Avast Premier is our top-of-the-line antivirus that stops emerging threats, ransomware, spyware, and then some.

  3. Use a VPN to encrypt your internet connection: A VPN protects your privacy online by masking your IP address and providing an encrypted connection between you and the internet. Access streaming shows when you travel, safely use a public Wi-Fi, and remain anonymous online.

  5. Use a fast, secure, and private browser: Get state-of-the-art protection for all your online activities—plus ad-blocking, anti-tracking, and anti-fingerprinting. This makes it impossible for others to create an online profile of you. Avast Secure Browser includes all this and it's up to 4x faster than your standard browser.

  7. Make your passwords unique and strong: Ever-changing, complex passwords are key to data protection. Use a password manager to securely sync your passwords across all your computers, smartphones, and tablet               
    devices. Avast Passwords Premium is a great option for
    managing your passwords and it also has the added benefit of detecting when sites have been compromised and prompts you to change your password.

  9. While you’re at it, speed up and clean up your PC: Along with all this protection, apply a full optimization suite like Avast Cleanup Premium which includes over 10 features to improve your PC’s reliability and speed. Our patented technologies provide next-gen tuning and cleaning which frees up disk space, removes bloatware, fixes problems, and increases speed.

Source: 5 tips for ultimate online security and privacy | Avast Infographic
Facebook conspiracy theories after Android app tries to “get root”

Facebook's Android app suddenly started making a bid for superuser access. Conspiracy theories popped up like fungi. (It's now fixed.)
Source: Facebook conspiracy theories after Android app tries to “get root”
News / [FireEye]Shining a Light on OAuth Abuse with PwnAuth
« Dernier message par igor51 le Hier à 19:00:20 »
Shining a Light on OAuth Abuse with PwnAuth



Spear phishing attacks are seen as one of the biggest cyber threats
  to an organization. It only takes one employee to enter their
  credentials or run some malware for an entire organization to become
  compromised. As such, companies devote significant resources to
  preventing credential harvesting and payload-driven social engineering
  attacks. Less attention, however, has been paid to a non-traditional,
  but just as dangerous, method of social engineering: OAuth abuse. In
  an OAuth abuse attack, a victim authorizes a third-party application
  to access their account. Once authorized, the application can access
  the user's data without the need for credentials and bypassing any
  two-factor authentication that may be in place.


Today, I’m releasing   href="">PwnAuth, a platform to
  allow organizations and penetration testers an opportunity to test
  their ability to detect and respond to OAuth abuse social engineering
  campaigns. In releasing the tool, we hope to increase awareness about
  this threat, improve the security community’s ability to detect it,
  and provide countermeasures for defenders.


Head over to our GitHub to     href="">start using PwnAuth.


What is OAuth?


OAuth 2.0 is described as "An open protocol to allow secure
  authorization in a simple and standard method from web, mobile and
  desktop applications..." It has become the de facto protocol that
  major Internet companies such as Amazon, Google, Facebook, and
  Microsoft use to facilitate granting third-party applications access
  to user data. An application that accesses your Microsoft OneDrive to
  allow for easy file sharing is an example of an application that would
  leverage OAuth.


Let’s use an application accessing OneDrive as an example to define
  some roles in an OAuth authorization flow:

The Application, or "Client"


The third-party application that is requesting access. In this case,
  the application that wishes to access your OneDrive files is the "Client."

The API "Resource"


The target application the "Client" wishes to access. In
  this case, the Microsoft OneDrive API endpoint is the "Resource."

The "Resource Owner"


The person granting access to a portion of their account. In this
  case, you.

The Authorization Server


The Authorization Server presents the interface that the Resource
  Owner uses to give or deny consent. The server could be the same as
  the API Resource or a different component. In this case, the Microsoft
  login portal is the "Authorization Server".



The Scope is defined as the type of access that the third-party
  application is requesting. Most API Resources will define a set of
  scopes that applications can request. This is similar to the
  permissions that an Android phone application would request on
  installation. In this example, the application may request access to
  your OneDrive files and user profile.


OAuth 2.0 provides several different authorization "grant
  types" to facilitate the different applications that we, as
  users, interact with. For the purpose of this post, we are interested
  in the "Authorization Code" grant type, which is used by web
  applications implementing OAuth. The following is an example
  authorization flow:


1.  A "Consent" link is created that directs the Resource
  Owner to the Authorization Server with parameters identifying the
  Application and the scopes requested.






2.  The Resource Owner will be presented with an authorization
  prompt, stating the application name and requested scopes. The
  Resource Owner has the option to approve or deny this authorization request.


3.  Upon approval, the Authorization Server will redirect back to
  the Application with an authorization code.

HTTP/1.1 200
  Content-Type: application/json
  Pragma: no-cache








4.  The Application can then use the authorization code and request
  an access token from the Authorization Server. Access tokens can be
  used for a set duration of time to access the user’s data from the API
  Resource, without any further action by the Resource Owner.


Room For Abuse


OAuth applications provide an ideal vector through which attackers
  could compromise a target and harvest confidential data such as email,
  contacts, and files. An attacker could create a malicious application
  and use the obtained access tokens to retrieve victims' account data
  via the API Resource. The access tokens do not require knowledge of
  the user's password, and bypass any two-factor enforcement. Further,
  the only way to remove an attacker's access is to explicitly revoke
  access to the OAuth application. In order to obtain OAuth tokens, an
  attacker would need to convince a victim to click a "Consent
  link" and approve the application via social engineering. Because
  all victim interaction is on sites owned by the legitimate Resource
  Provider (e.g. Microsoft), it can be hard for an untrained user to
  differentiate between a legitimate OAuth application and a malicious one.


Though likely not the first instance of such campaigns, OAuth abuse
  first came to the media's attention during the 2016 presidential
  election. FireEye wrote about APT28's usage of OAuth abuse to gain
  access to emails of U.S. politicians in our     href="">M-TRENDS
    2017 report. Since then, FireEye has seen the     href="">technique
    spread to commodity worms seeking to spread across Gmail.




PwnAuth is a web application framework I wrote to make it easier for
  organizations to test their ability to detect and respond to OAuth
  abuse campaigns. The web application provides penetration testers with
  an easy-to-use UI to manage malicious OAuth applications, store
  gathered OAuth tokens, and interact with API Resources. The
  application UI and framework are designed to be easily extendable to
  other API Resources through the creation of additional modules. While
  any cloud environment that allows OAuth applications could be
  targeted, currently PwnAuth ships with a module to support malicious
  Office 365 applications that will capture OAuth tokens and facilitate
  interaction with the Microsoft Graph API using those captured tokens.
  The Office 365 module itself could be further extended, but currently
  provides the following:

  • Reading mail
  • Searching the user's mailbox
  • Reading the
        user's contacts
  • Downloading messages and attachments

  • Searching OneDrive and downloading files
  • Sending
        messages on behalf of the user


The interface is designed to be intuitive and user-friendly. The
  first step to using PwnAuth would be to create a Microsoft
  Application. That information must then be entered into PwnAuth
  (Figure 1).


 Figure 1: Importing a Microsoft App into PwnAuth


Once configured, you can use the generated "Authorization
  URL" to phish potential victims. When clicked, PwnAuth will
  capture victim OAuth tokens for later use. An example victim listing
  is shown in Figure 2.


 Figure 2: Listing victim users in PwnAuth


Once PwnAuth has captured a victim's OAuth token, you can begin to
  access their data. Use PwnAuth to query the victim's mailbox for all
  messages containing the string "password", for example
  (Figure 3).


 Figure 3: Searching the mailbox of a victim


See the GitHub
for more information on usage.




Our FireEye technology stack includes network-based signatures to
  detect potentially malicious OAuth consent URLs. Attackers tend to
  include certain scopes in malicious apps that can be detected and
  flagged. Organizations with social engineering training programs can
  add OAuth abuse scenarios to their existing programs to better educate
  users about this attacker vector. Additionally, organizations can take
  steps to limit the potential impact of malicious OAuth applications
  and increase their detection capabilities. The options available to an
  organization vary greatly depending on the API Resource, but, in
  general, include:

  • Limit the API scopes
        third-party apps can request.
  • Disable third-party apps in
        an organization.
  • Implement a whitelist or blacklist for
  • Query an organization's user base for all
        consented applications.
  • Log any user consent events and
        report suspicious activity.


Office 365 in particular offers some options for administrators:

  • Organizations with Cloud
        App Security can make use of the       href="">"app
          permissions" feature to query and block third party
  • Administrators can       href="">block
          access to third-party applications globally.

  • Administrators can take actions if they believe a       href="">malicious
          app was granted access to an account.
  • The Unified
        Audit Log records whenever a user consents to a third-party
        application; however, the specific scopes and app information is not
        recorded in the log.


I have created a collection of scripts to assist administrators in
    hunting for
    malicious OAuth applications
in cloud environments. Currently
  there is a script to investigate Office 365 tenants with plans to add
  other cloud environments.




OAuth abuse attacks are a dangerous and non-traditional phishing
  technique that attackers can use to gain access to an organization's
  confidential data. As we move more services to the cloud,
  organizations should be careful to lock down third-party application
  access and ensure that their monitoring and detection strategy covers
  application consent grants. Organizations and security professionals
  can use PwnAuth to
  test their ability to detect and respond to this new type of attack.


Head over to our GitHub and     href="">start using PwnAuth today.

Source: Shining a Light on OAuth Abuse with PwnAuth
Hardware / Re : carte graphique :/
« Dernier message par christuf le Hier à 18:57:41 »

Merci de votre reponse rapide,

J'ai rinstaller le pilote de la carte graphique, mais le probleme est toujours présent,

J'essaie de suite votre installation de intel =)

Hardware / Re : carte graphique :/
« Dernier message par Artisan le Hier à 18:26:40 »
Bonjour  :AAC

Essayez la procédure suivante:
Comment mettre à niveau la technologie Rapid Storage Intel® ?

J'ai déjà tenter de reinstaller mes pilotes, rien ni fait

Quels pilotes avez vous réinstallé ?

Hardware / carte graphique :/
« Dernier message par christuf le Hier à 18:16:13 »

Cela fait maintenant plusieurs semaines que je galere à jouer à mes jeux videos,

En effet, lorsque je lance un de ces jeux, mon ecran se fige et impossible de faire quoi que ce soit, je dois reboot l'ordi...

Le systeme de fiabilité m'annonce une erreur matérielle ...

Un problème rencontré avec le matériel a provoqué un dysfonctionnement de Windows.

Signature du problème
Nom d’événement du problème :   LiveKernelEvent
Code:   141
Paramètre 1:   ffffc88bc711f4a0
Paramètre 2:   fffff80f197fed6c
Paramètre 3:   0
Paramètre 4:   301c
Version du système d’exploitation:   10_0_16299
Service Pack:   0_0
Produit:   768_1
Version du système:   10.0.16299.
Identificateur de paramètres régionaux:   1036

Informations complémentaires sur le problème
ID du récipient :   BAD_DUMPFILE"

Chemin d’accès de l’application défaillante :   C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

Signature du problème
Nom d’événement du problème :   CLR20r3
Signature du problème 01:   IAStorDataMgrSvc.exe
Signature du problème 02:
Signature du problème 03:   55b5f9d3
Signature du problème 04:   IAStorUtil
Signature du problème 05:
Signature du problème 06:   55b5f9cd
Signature du problème 07:   2e
Signature du problème 08:   0
Signature du problème 09:   System.NullReferenceException
Version du système:   10.0.16299.
Identificateur de paramètres régionaux:   1036
Information supplémentaire n° 1:   2beb
Information supplémentaire n° 2:   2beba6fb4680d73a8c78ca7c24ccdb46
Information supplémentaire n° 3:   4403
Information supplémentaire n° 4:   4403f015ed7034dc0edefc48c8ad7c13

Informations complémentaires sur le problème
ID de compartiment :   8e6b78ff71b2b95122e89f2c316f823a (128887068514)"

J'ai déjà tenter de reinstaller mes pilotes, rien ni fait

Pouvez-vous m'aider ?
GPON Vulnerabilities Exploited for Mexico-based Mirai-like Scanning Activities

We recently found similar Mirai-like scanning activity from Mexico with some being done via the exploitation of CVE-2018-10561 and CVE-2018-10562, two vulnerabilities that are specific to Gigabit Passive Optical Network (GPON)-based home routers.

The post GPON Vulnerabilities Exploited for Mexico-based Mirai-like Scanning Activities appeared first on .

Source: GPON Vulnerabilities Exploited for Mexico-based Mirai-like Scanning Activities
News / [Eset]Cybersecurity training still neglected by many employers
« Dernier message par igor51 le Hier à 15:00:06 »
Cybersecurity training still neglected by many employers

While training employees will not guarantee complete cyber safety for companies, it could go a long way to making workers more cyber-aware
The post Cybersecurity training still neglected by many employers appeared first on WeLiveSecurity

Source: Cybersecurity training still neglected by many employers
Real-time cellphone location data leaked for all major US carriers

From the carriers to LocationSmart to 3Cinteractive to Securus: there appears to be a chain pockmarked with lack of authentication and data lost to hackers.
Source: Real-time cellphone location data leaked for all major US carriers
Pages: [1] 2 3 4 5 6 7 8 ... 10