{"id":297319,"date":"2022-08-05T12:06:39","date_gmt":"2022-08-05T14:06:39","guid":{"rendered":"https:\/\/teknomers.com\/fr\/les-failles-du-systeme-dalerte-durgence-pourraient-permettre-aux-attaquants-de-transmettre-de-faux-messages\/"},"modified":"2022-08-05T12:06:41","modified_gmt":"2022-08-05T14:06:41","slug":"les-failles-du-systeme-dalerte-durgence-pourraient-permettre-aux-attaquants-de-transmettre-de-faux-messages","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/les-failles-du-systeme-dalerte-durgence-pourraient-permettre-aux-attaquants-de-transmettre-de-faux-messages\/","title":{"rendered":"Les failles du syst\u00e8me d&#8217;alerte d&#8217;urgence pourraient permettre aux attaquants de transmettre de faux messages"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both\"><\/div>\n<p>Le d\u00e9partement am\u00e9ricain de la S\u00e9curit\u00e9 int\u00e9rieure (DHS) a mis en garde contre des vuln\u00e9rabilit\u00e9s de s\u00e9curit\u00e9 critiques dans les encodeurs\/d\u00e9codeurs du syst\u00e8me d&#8217;alerte d&#8217;urgence (EAS).<\/p>\n<p>S&#8217;ils ne sont pas corrig\u00e9s, les probl\u00e8mes pourraient permettre \u00e0 un adversaire d&#8217;\u00e9mettre des alertes d&#8217;urgence frauduleuses sur les r\u00e9seaux de t\u00e9l\u00e9vision, de radio et de c\u00e2ble.<\/p>\n<p>L&#8217;avis du 1er ao\u00fbt est une gracieuset\u00e9 de l&#8217;Agence f\u00e9d\u00e9rale de gestion des urgences (FEMA) du DHS.  Le chercheur en s\u00e9curit\u00e9 de CYBIR, Ken Pyle, a \u00e9t\u00e9 cr\u00e9dit\u00e9 d&#8217;avoir d\u00e9couvert la lacune.<\/p>\n<div class=\"ad_two clear\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/strike-d\" target=\"_blank\" title=\"DevOps backupy\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/07\/Une-nouvelle-etude-revele-que-la-plupart-des-fournisseurs-dentreprise.png\" width=\"300\" height=\"250\" \/><\/a><\/div>\n<p>EAS est un ressortissant am\u00e9ricain <a rel=\"nofollow noopener\" href=\"https:\/\/www.fema.gov\/emergency-managers\/practitioners\/integrated-public-alert-warning-system\/public\/emergency-alert-system\" target=\"_blank\">syst\u00e8me d&#8217;alerte publique<\/a> qui permet aux autorit\u00e9s de l&#8217;\u00c9tat de diffuser des informations dans les 10 minutes en cas d&#8217;urgence.  De telles alertes peuvent interrompre la radio et la t\u00e9l\u00e9vision pour diffuser des informations d&#8217;alerte d&#8217;urgence.<\/p>\n<div class=\"separator\" style=\"clear: both\"><img decoding=\"async\" alt=\"Syst\u00e8mes d'alerte d'urgence\" border=\"0\" data-original-height=\"394\" data-original-width=\"728\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/08\/1659708399_170_Les-failles-du-systeme-dalerte-durgence-pourraient-permettre-aux-attaquants.jpg\" title=\"Syst\u00e8mes d'alerte d'urgence\" \/><\/div>\n<p>Les d\u00e9tails de la faille ont \u00e9t\u00e9 gard\u00e9s secrets pour emp\u00eacher toute exploitation active par des acteurs malveillants, bien qu&#8217;elle devrait \u00eatre rendue publique en tant que preuve de concept lors de la conf\u00e9rence DEF CON qui se tiendra \u00e0 Las Vegas la semaine prochaine.<\/p>\n<div class=\"ad_two clear\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/crowdsec-tour-d\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/07\/1656663365_395_Amazon-corrige-discretement-la-vulnerabilite-de-gravite-elevee-dans-lapplication.jpg\" width=\"728\" height=\"90\" \/><\/a><\/div>\n<p>&#8220;En bref, la vuln\u00e9rabilit\u00e9 est de notori\u00e9t\u00e9 publique et sera d\u00e9montr\u00e9e \u00e0 un large public dans les prochaines semaines&#8221;, a d\u00e9clar\u00e9 l&#8217;agence. <a rel=\"nofollow noopener\" href=\"https:\/\/content.govdelivery.com\/accounts\/USDHSFEMA\/bulletins\/3263326\" target=\"_blank\">a dit<\/a> dans le bulletin.<\/p>\n<p>Pour att\u00e9nuer la vuln\u00e9rabilit\u00e9, il est recommand\u00e9 aux participants concern\u00e9s de mettre \u00e0 jour les appareils EAS vers les derni\u00e8res versions logicielles, de les s\u00e9curiser avec un pare-feu, et de surveiller et d&#8217;auditer les journaux d&#8217;examen pour d\u00e9tecter les signes d&#8217;acc\u00e8s non autoris\u00e9.<\/p>\n<p><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/08\/emergency-alert-system-flaws-could-let.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Le d\u00e9partement am\u00e9ricain de la S\u00e9curit\u00e9 int\u00e9rieure (DHS) a mis en garde contre des vuln\u00e9rabilit\u00e9s de s\u00e9curit\u00e9 critiques dans les encodeurs\/d\u00e9codeurs du syst\u00e8me d&#8217;alerte d&#8217;urgence (EAS). S&#8217;ils ne sont pas corrig\u00e9s, les probl\u00e8mes pourraient permettre \u00e0 un adversaire d&#8217;\u00e9mettre des alertes d&#8217;urgence frauduleuses sur les r\u00e9seaux de t\u00e9l\u00e9vision, de radio et de c\u00e2ble. L&#8217;avis du [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":297320,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[11865,507,4168,4158,4165,4161,12229,252,4806,5971,4157,4159,4171,4170,65,4167,1081,4160,4163,4162,5848,1612,4172,4169,2622,66964,4166,4164],"class_list":["post-297319","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-attaquants","tag-aux","tag-comment-pirater","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-dalerte","tag-durgence","tag-failles","tag-faux","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-les","tag-logiciel-malveillant-de-ransomware","tag-messages","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-permettre","tag-pourraient","tag-securite-informatique","tag-securite-internet","tag-systeme","tag-transmettre","tag-violation-de-donnees","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/297319","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=297319"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/297319\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/297320"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=297319"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=297319"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=297319"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}