{"id":583651,"date":"2023-01-31T01:52:23","date_gmt":"2023-01-31T03:52:23","guid":{"rendered":"https:\/\/teknomers.com\/fr\/github-breach-des-pirates-ont-vole-des-certificats-de-signature-de-code-pour-github-desktop-et-atom\/"},"modified":"2023-01-31T01:52:25","modified_gmt":"2023-01-31T03:52:25","slug":"github-breach-des-pirates-ont-vole-des-certificats-de-signature-de-code-pour-github-desktop-et-atom","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/github-breach-des-pirates-ont-vole-des-certificats-de-signature-de-code-pour-github-desktop-et-atom\/","title":{"rendered":"GitHub Breach\u00a0: des pirates ont vol\u00e9 des certificats de signature de code pour GitHub Desktop et Atom"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">31 janvier 2023<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">Incident de s\u00e9curit\u00e9 \/ Chiffrement<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><\/div>\n<p>GitHub a r\u00e9v\u00e9l\u00e9 lundi que des pirates inconnus avaient r\u00e9ussi \u00e0 exfiltrer des certificats de signature de code crypt\u00e9s appartenant \u00e0 certaines versions des applications GitHub Desktop pour Mac et Atom.<\/p>\n<p>En cons\u00e9quence, la soci\u00e9t\u00e9 est <a rel=\"nofollow noopener\" href=\"https:\/\/github.blog\/2023-01-30-action-needed-for-github-desktop-and-atom-users\/\" target=\"_blank\">faire le pas<\/a> de r\u00e9voquer les certificats expos\u00e9s par exc\u00e8s de prudence.  Les versions suivantes de GitHub Desktop pour Mac ont \u00e9t\u00e9 invalid\u00e9es\u00a0: 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.1.0, 3.1.1 et 3.1 .2.<\/p>\n<p>Les versions 1.63.0 et 1.63.1 de 1.63.0 d&#8217;Atom devraient \u00e9galement cesser de fonctionner \u00e0 compter du 2 f\u00e9vrier 2023, obligeant les utilisateurs \u00e0 r\u00e9trograder vers une <a rel=\"nofollow noopener\" href=\"https:\/\/github.com\/atom\/atom\/releases\/tag\/v1.60.0\" target=\"_blank\">la version pr\u00e9c\u00e9dente<\/a> (1.60.0) d&#8217;Atom.  GitHub Desktop pour Windows n&#8217;est pas affect\u00e9.<\/p>\n<p>La filiale appartenant \u00e0 Microsoft a d\u00e9clar\u00e9 avoir d\u00e9tect\u00e9 un acc\u00e8s non autoris\u00e9 \u00e0 un ensemble de r\u00e9f\u00e9rentiels obsol\u00e8tes utilis\u00e9s dans la planification et le d\u00e9veloppement de GitHub Desktop et Atom le 7 d\u00e9cembre 2022.<\/p>\n<p>Les r\u00e9f\u00e9rentiels auraient \u00e9t\u00e9 clon\u00e9s la veille par un jeton d&#8217;acc\u00e8s personnel compromis (<a rel=\"nofollow noopener\" href=\"https:\/\/docs.github.com\/en\/authentication\/keeping-your-account-and-data-secure\/creating-a-personal-access-token\" target=\"_blank\">TAPOTER<\/a>) associ\u00e9 \u00e0 un compte machine.  Aucun des r\u00e9f\u00e9rentiels ne contenait de donn\u00e9es client et les informations d&#8217;identification compromises ont depuis \u00e9t\u00e9 r\u00e9voqu\u00e9es.  GitHub n&#8217;a pas r\u00e9v\u00e9l\u00e9 comment le jeton a \u00e9t\u00e9 pirat\u00e9.<\/p>\n<p>&#8220;Plusieurs certificats de signature de code chiffr\u00e9s ont \u00e9t\u00e9 stock\u00e9s dans ces r\u00e9f\u00e9rentiels pour \u00eatre utilis\u00e9s via des actions dans nos workflows de publication GitHub Desktop et Atom&#8221;, a d\u00e9clar\u00e9 Alexis Wales de GitHub.  &#8220;Nous n&#8217;avons aucune preuve que l&#8217;auteur de la menace ait pu d\u00e9chiffrer ou utiliser ces certificats.&#8221;<\/p>\n<p>Il convient de souligner qu&#8217;un d\u00e9cryptage r\u00e9ussi des certificats pourrait permettre \u00e0 un adversaire de signer des applications trojanis\u00e9es avec ces certificats et de les faire passer pour provenant de GitHub.<\/p>\n<p>Les trois certificats compromis &#8211; deux certificats de signature de code Digicert utilis\u00e9s pour Windows et un certificat Apple Developer ID &#8211; doivent \u00eatre r\u00e9voqu\u00e9s le 2 f\u00e9vrier 2023.<\/p>\n<p>La plate-forme d&#8217;h\u00e9bergement de code a \u00e9galement d\u00e9clar\u00e9 avoir publi\u00e9 une nouvelle version de l&#8217;application Desktop le 4 janvier 2023, qui est sign\u00e9e avec de nouveaux certificats qui n&#8217;ont pas \u00e9t\u00e9 expos\u00e9s \u00e0 l&#8217;acteur de la menace.  Il a en outre soulign\u00e9 qu&#8217;aucune modification non autoris\u00e9e n&#8217;avait \u00e9t\u00e9 apport\u00e9e au code dans ces r\u00e9f\u00e9rentiels.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant ?  Suivez-nous sur <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"nofollow noopener\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">LinkedIn<\/a> pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2023\/01\/github-breach-hackers-stole-code.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80231 janvier 2023\ue804Ravie LakshmananIncident de s\u00e9curit\u00e9 \/ Chiffrement GitHub a r\u00e9v\u00e9l\u00e9 lundi que des pirates inconnus avaient r\u00e9ussi \u00e0 exfiltrer des certificats de signature de code crypt\u00e9s appartenant \u00e0 certaines versions des applications GitHub Desktop pour Mac et Atom. En cons\u00e9quence, la soci\u00e9t\u00e9 est faire le pas de r\u00e9voquer les certificats expos\u00e9s par exc\u00e8s de [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":583652,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[142530,44969,19654,5597,4168,4158,4165,4161,133,142529,50438,4157,4159,4171,4170,4167,4160,4163,4162,249,4394,185,4172,4169,1546,4166,1661,4164],"class_list":["post-583651","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-atom","tag-breach","tag-certificats","tag-code","tag-comment-pirater","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-des","tag-desktop","tag-github","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-logiciel-malveillant-de-ransomware","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-ont","tag-pirates","tag-pour","tag-securite-informatique","tag-securite-internet","tag-signature","tag-violation-de-donnees","tag-vole","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/583651","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=583651"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/583651\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/583652"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=583651"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=583651"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=583651"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}