{"id":491531,"date":"2022-12-02T07:20:29","date_gmt":"2022-12-02T09:20:29","guid":{"rendered":"https:\/\/teknomers.com\/fr\/lastpass-subit-une-autre-faille-de-securite-expose-certaines-informations-clients\/"},"modified":"2022-12-02T07:20:31","modified_gmt":"2022-12-02T09:20:31","slug":"lastpass-subit-une-autre-faille-de-securite-expose-certaines-informations-clients","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/lastpass-subit-une-autre-faille-de-securite-expose-certaines-informations-clients\/","title":{"rendered":"LastPass subit une autre faille de s\u00e9curit\u00e9\u00a0;  Expos\u00e9 certaines informations clients"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><\/div>\n<p>Le service de gestion de mots de passe populaire LastPass a d\u00e9clar\u00e9 qu&#8217;il enqu\u00eatait sur un deuxi\u00e8me incident de s\u00e9curit\u00e9 impliquant des attaquants acc\u00e9dant \u00e0 certaines de ses informations client.<\/p>\n<p>&#8220;Nous avons r\u00e9cemment d\u00e9tect\u00e9 une activit\u00e9 inhabituelle au sein d&#8217;un service de stockage en nuage tiers, qui est actuellement partag\u00e9 par LastPass et sa filiale, GoTo&#8221;, a d\u00e9clar\u00e9 le PDG de LastPass, Karim Toubba. <a rel=\"nofollow noopener\" href=\"https:\/\/blog.lastpass.com\/2022\/11\/notice-of-recent-security-incident\/\" target=\"_blank\">a dit<\/a>.<\/p>\n<p>GoTo, anciennement appel\u00e9 LogMeIn, a acquis LastPass en octobre 2015. En d\u00e9cembre 2021, la soci\u00e9t\u00e9 bas\u00e9e \u00e0 Boston <a rel=\"nofollow noopener\" href=\"https:\/\/blog.lastpass.com\/2021\/12\/lastpass-investing-even-more-in-your-password-security-in-2022\" target=\"_blank\">annonc\u00e9<\/a> envisage de cr\u00e9er LastPass en tant qu&#8217;entreprise ind\u00e9pendante.<\/p>\n<p>L&#8217;effraction num\u00e9rique a permis \u00e0 des tiers non autoris\u00e9s d&#8217;exploiter des informations obtenues \u00e0 la suite d&#8217;une pr\u00e9c\u00e9dente violation en ao\u00fbt 2022 pour acc\u00e9der \u00e0 &#8220;certains \u00e9l\u00e9ments des informations de nos clients&#8221;.<\/p>\n<div class=\"ad_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/uptycs-inside\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/11\/Des-chercheurs-detaillent-la-vulnerabilite-inter-locataire-dAppSync-dans-Amazon-Web.jpg\" width=\"728\" height=\"90\"\/><\/a><\/center><\/div>\n<p>L&#8217;\u00e9v\u00e9nement de s\u00e9curit\u00e9 d&#8217;ao\u00fbt 2022 a cibl\u00e9 son environnement de d\u00e9veloppement, entra\u00eenant le vol d&#8217;une partie de son code source et de ses informations techniques.  En septembre, LastPass a r\u00e9v\u00e9l\u00e9 que l&#8217;acteur de la menace y avait acc\u00e8s pendant quatre jours.<\/p>\n<p>L&#8217;\u00e9tendue de la violation reste inconnue \u00e0 ce jour, et il n&#8217;est pas clair si les clients LastPass et GoTo sont touch\u00e9s.  Cependant, les mots de passe des utilisateurs n&#8217;ont pas \u00e9t\u00e9 compromis.<\/p>\n<p>La soci\u00e9t\u00e9 a d\u00e9clar\u00e9 avoir fait appel aux services de Mandiant, propri\u00e9t\u00e9 de Google, et alert\u00e9 les forces de l&#8217;ordre des derniers d\u00e9veloppements.  Il a \u00e9galement d\u00e9clar\u00e9 qu&#8217;il s&#8217;effor\u00e7ait d&#8217;identifier les donn\u00e9es sp\u00e9cifiques consult\u00e9es.<\/p>\n<p>En outre, il a soulign\u00e9 qu&#8217;il continuait \u00e0 d\u00e9ployer des mesures de s\u00e9curit\u00e9 et des capacit\u00e9s de surveillance am\u00e9lior\u00e9es pour aider \u00e0 d\u00e9tecter et \u00e0 pr\u00e9venir d&#8217;autres activit\u00e9s d&#8217;acteurs mena\u00e7ants.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant ?  Suivez-nous sur <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"nofollow noopener\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">LinkedIn<\/a> pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/12\/lastpass-suffers-another-security.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Le service de gestion de mots de passe populaire LastPass a d\u00e9clar\u00e9 qu&#8217;il enqu\u00eatait sur un deuxi\u00e8me incident de s\u00e9curit\u00e9 impliquant des attaquants acc\u00e9dant \u00e0 certaines de ses informations client. &#8220;Nous avons r\u00e9cemment d\u00e9tect\u00e9 une activit\u00e9 inhabituelle au sein d&#8217;un service de stockage en nuage tiers, qui est actuellement partag\u00e9 par LastPass et sa filiale, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":491532,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[4640,4789,8004,4168,4158,4165,4161,16209,9048,492,4157,4159,4171,4170,103437,4167,4160,4163,4162,1835,4172,4169,5305,196,4166,4164],"class_list":["post-491531","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-autre","tag-certaines","tag-clients","tag-comment-pirater","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-expose","tag-faille","tag-informations","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-lastpass","tag-logiciel-malveillant-de-ransomware","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-securite","tag-securite-informatique","tag-securite-internet","tag-subit","tag-une","tag-violation-de-donnees","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/491531","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=491531"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/491531\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/491532"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=491531"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=491531"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=491531"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}