{"id":964,"date":"2020-03-22T03:13:44","date_gmt":"2020-03-22T03:13:44","guid":{"rendered":"https:\/\/www.affinite.fr\/index.php\/2020\/03\/22\/les-applis-android-de-lastpass-et-1password-sont-vulnerables-au-phishing\/"},"modified":"2020-03-22T03:13:44","modified_gmt":"2020-03-22T03:13:44","slug":"les-applis-android-de-lastpass-et-1password-sont-vulnerables-au-phishing","status":"publish","type":"post","link":"http:\/\/www.affinite.fr\/index.php\/2020\/03\/22\/les-applis-android-de-lastpass-et-1password-sont-vulnerables-au-phishing\/","title":{"rendered":"Les applis Android de LastPass et 1Password sont vuln\u00e9rables au phishing"},"content":{"rendered":"<p> [ad_1]<br \/>\n<br \/><img decoding=\"async\" src=\"https:\/\/img.bfmtv.com\/i\/0\/0\/293\/c3a7e19f3a660300d2fc66ccb6e83.jpg\" \/><\/p>\n<div itemprop=\"articleBody\">\n<p>Des chercheurs en s\u00e9curit\u00e9 de l\u2019universit\u00e9 de York ont d\u00e9couvert qu\u2019il \u00e9tait possible d\u2019extirper des mots de passe depuis les applications Android de LastPass et 1Password. En effet, ces gestionnaires de mots de passe disposent d\u2019une fonctionnalit\u00e9 de remplissage automatique qui fonctionne non seulement avec des sites web, mais aussi avec des applis mobiles. Si, par exemple, on ouvre une application Google, ils proposeront l\u2019insertion des identifiants correspondants. Ce qui est bien pratique.<\/p>\n<aside class=\"bg-color-0 padding-inside-all-s bloc border-s\">\n<h4 class=\"box-txt-normal\">\n<p><b>A d\u00e9couvrir aussi en vid\u00e9o<\/b>\n<\/p>\n<\/h4>\n<\/aside>\n<p>Malheureusement, cette fonctionnalit\u00e9 ne s\u2019appuie que sur le nom du package logiciel, ce qui cr\u00e9e un risque d\u2019usurpation. Un pirate peut tr\u00e8s facilement cr\u00e9er une appli malveillante avec le m\u00eame nom et la diffuser par des campagnes de phishing. Si un utilisateur l\u2019installe, il risque donc de faire fuiter ses mots de passe. LastPass et 1Password ne comptent pas corriger cette faille, estimant qu\u2019elle rel\u00e8ve davantage du comportement de l\u2019utilisateur.<\/p>\n<p><strong>Source\u00a0<\/strong>: <a href=\"https:\/\/www.york.ac.uk\/news-and-events\/news\/2020\/research\/expose-vulnerabilities-password-managers\/\" target=\"_blank\" rel=\"noopener noreferrer\">Universit\u00e9 de York<\/a><\/p>\n<\/p><\/div>\n<p><script>\n         !function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function()\n         {n.callMethod? n.callMethod.apply(n,arguments):n.queue.push(arguments)}\n         ;if(!f._fbq)f._fbq=n;\n             n.push=n;n.loaded=!0;n.version='2.0';n.queue=[];t=b.createElement(e);t.async=!0;\n             t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,\n                 document,'script','https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n         fbq('init', '1065890633454496');\n         fbq('track', 'PageView');\n     <\/script><br \/>\n<br \/>[ad_2]<br \/>\n<br \/><a href=\"https:\/\/www.01net.com\/actualites\/les-applis-android-de-lastpass-et-1password-sont-vulnerables-au-phishing-1878546.html\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[ad_1] Des chercheurs en s\u00e9curit\u00e9 de l\u2019universit\u00e9 de York ont d\u00e9couvert qu\u2019il \u00e9tait possible d\u2019extirper des mots de passe depuis &hellip; <a href=\"http:\/\/www.affinite.fr\/index.php\/2020\/03\/22\/les-applis-android-de-lastpass-et-1password-sont-vulnerables-au-phishing\/\" class=\"more-link\">Plus <span class=\"screen-reader-text\">Les applis Android de LastPass et 1Password sont vuln\u00e9rables au phishing<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":965,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_sitemap_exclude":false,"_sitemap_priority":"","_sitemap_frequency":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-964","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tous"],"_links":{"self":[{"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/posts\/964"}],"collection":[{"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/comments?post=964"}],"version-history":[{"count":0,"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/posts\/964\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/media\/965"}],"wp:attachment":[{"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/media?parent=964"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/categories?post=964"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/tags?post=964"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}