Overblog Suivre ce blog
Editer l'article Administration Créer mon blog
3 octobre 2016 1 03 /10 /octobre /2016 21:39

==============================================================================================================================================

Toujours pas de commentaires, pas le temps.....

Bonne lecture
Tristan

==============================================================================================================================================


A LIRE SECURITE
---------------

The power of protocol analyzers [Un petit Tuto Wireshark, toujours intéressant à avoir sous la main]
http://news.hitb.org/content/power-protocol-analyzers
http://arstechnica.com/information-technology/2016/09/the-power-of-protocol-analyzers/

Data hoarding site LeakedSource could make hacking easier [Pour ou contre le full disclosure ?? ;-)) Ca rappelle des souvenirs, mais ici l'analyse est assez bien faite]
http://news.hitb.org/content/data-hoarding-site-leakedsource-could-make-hacking-easier
http://www.computerworld.com/article/3122394/security/data-hoarding-site-leakedsource-could-make-hacking-easier.html

RESEARCHER PROVES VIABILITY OF NAND MIRRORING TO BYPASS IPHONE PASSCODE RESTRICTIONS
https://threatpost.com/researcher-proves-viability-of-nand-mirroring-to-bypass-iphone-passcode-restrictions/120648/

Building a Security Culture
http://www.tripwire.com/state-of-security/risk-based-security-for-executives/connecting-security-to-the-business/building-a-security-culture/

Why do we ignore up to 90% of computer security alerts? Because we’re terrible at multi-tasking…
http://www.tripwire.com/state-of-security/featured/security-alerts-multitasking/

UNSECURED DNSSEC EASILY WEAPONIZED, RESEARCHERS WARN
https://threatpost.com/unsecured-dnssec-easily-weaponized-researchers-warn/119969/

MICROSOFT MISTAKENLY LEAKS SECURE BOOT KEY
https://threatpost.com/microsoft-mistakenly-leaks-secure-boot-key/119828/

Le chiffrement quantique, nouvel eldorado de la sécurité
http://www.01net.com/actualites/le-chiffrement-quantique-nouvel-eldorado-de-la-securite-1027383.html

Security Think Tank: Malware infection is inevitable, so be prepared
http://news.hitb.org/content/security-think-tank-malware-infection-inevitable-so-be-prepared
http://www.computerweekly.com/opinion/Security-Think-Tank-Malware-infection-is-inevitable-so-be-prepared

Hackers can steal data from 3D printers using just a smartphone
http://news.hitb.org/content/hackers-can-steal-data-3d-printers-using-just-smartphone
http://www.digitaltrends.com/cool-tech/3d-printer-hack-smartphone/

GENERIC OS X MALWARE DETECTION METHOD EXPLAINED
https://threatpost.com/generic-os-x-malware-detection-method-explained/120503/

DHS ANNOUNCES INTENT TO DRAFT IOT SECURITY FRAMEWORK
https://threatpost.com/dhs-announces-intent-to-draft-iot-security-framework/120799/

UK online financial crime up 53% in 2016
http://news.hitb.org/content/uk-online-financial-crime-53-2016
http://tamebay.com/2016/09/uk-online-financial-crime-up-53-in-2015.html

That’s why the Take Five campaign is asking consumers to help protect themselves from financial fraud by remembering some simple advice:
1) Never disclose security details, such as your PIN or full password – it’s never right to reveal these details
2) Don’t assume an email request or caller is genuine – people aren’t always who they say they are
3) Don’t be rushed – a bank or genuine organisation won’t mind waiting to give you time to stop and think
4) Listen to your instincts – if something feels wrong then it is usually right to pause and question it
5) Stay in control – have the confidence to refuse unusual requests for information

DOSSIERS
--------

Le hack de la NSA met l'Internet en danger
http://www.01net.com/actualites/le-hack-de-la-nsa-met-l-internet-en-danger-1027339.html
http://hightech.bfmtv.com/securite/pourquoi-le-piratage-de-la-nsa-met-tous-les-internautes-en-danger-1027250.html

La NSA a pu déchiffrer les données secrètes d'entreprises pendant des années
http://www.01net.com/actualites/la-nsa-a-pu-dechiffrer-les-donnees-secretes-d-entreprises-pendant-des-annees-1027725.html

NSA zero days and encryption backdoors need clear disclosure policies
http://news.hitb.org/content/nsa-zero-days-and-encryption-backdoors-need-clear-disclosure-policies
http://www.networkworld.com/article/3109137/security/nsa-zero-days-and-encryption-backdoors-need-clear-disclosure-policies.html#tk.rss_security

Experts have two theories for how top secret NSA data was stolen — and both are equally disturbing
http://news.hitb.org/content/experts-have-two-theories-how-top-secret-nsa-data-was-stolen-—-and-both-are-equally
http://www.businessinsider.my/nsa-hacking-theories-2016-8/?r=US&IR=T#8gqwCV5lBq0R88tf.97


INSOLITE
--------

Woman brilliantly fools a phone scammer
http://www.cnet.com/news/woman-brilliantly-fools-a-phone-scammer/

UN PETIT GESTE POUR LA PLANETE
------------------------------

Microsoft's researchers want to 'solve' cancer within 10 years
http://news.hitb.org/content/microsofts-researchers-want-solve-cancer-within-10-years
http://www.neowin.net/news/microsofts-researchers-want-to-solve-cancer-within-10-years

FACEBOOK AND SOCIAL NETWORKS
----------------------------


A BOOKMARKER
------------

BANQUES
-------

HSBC uses facial recognition so customers can open new bank accounts with a selfie
http://news.hitb.org/content/hsbc-uses-facial-recognition-so-customers-can-open-new-bank-accounts-selfie
http://betanews.com/2016/09/05/hsbc-selfie-facial-recognition/

SALONS / CONFERENCES / EVENEMENTS
---------------------------------


PRODUITS
--------

HP lance les premiers PC portables avec écran "anti-regards", je veux ça, c'est avec activation à la demande
http://www.01net.com/actualites/hp-lance-les-premiers-pc-portables-avec-ecran-anti-regards-1029548.html

Ce boitier transforme n'importe quelle télé en système de visioconférence
http://www.01net.com/actualites/ce-boitier-transforme-n-importe-quelle-tele-en-systeme-de-visioconference-1034089.html

BON A SAVOIR
------------

Americans want passwords, not biometrics, survey finds
http://news.hitb.org/content/americans-want-passwords-not-biometrics-survey-finds
http://www.networkworld.com/article/3109245/security/americans-want-passwords-not-biometrics-survey-finds.html#tk.rss_security

Interestingly, new advice from some experts now suggests that changing passwords frequently might not be such a good idea: The more you change a password, the more likely you are to be lazy about it and choose something easy to crack, researchers from the Carleton University in Ottawa, Canada, say in their paper (PDF). http://people.scs.carleton.ca/~paulv/papers/expiration-authorcopy.pdf

Applis sur smartphones et données personnelles
http://www.les-infostrateges.com/actu/16082233/applis-sur-smartphones-et-donnees-personnelles

En harmonisant les points d'accès Wi-Fi, on peut faire tripler le débit
http://www.01net.com/actualites/en-harmonisant-les-points-d-acces-wi-fi-on-peut-faire-tripler-le-debit-1029576.html

Comment surveiller et analyser l’e-réputation de ses marques : quelques bonnes pratiques
http://www.les-infostrateges.com/actu/16092242/comment-surveiller-et-analyser-le-reputation-de-ses-marques-quelques-bonnes-pratiques
http://digimind.com/blog/fr/social-marketing-fr/surveiller-analyser-reputation-de-vos-marques-20-bonnes-pratiques-part-1/

Employees download new malware every four seconds
http://news.hitb.org/content/employees-download-new-malware-every-four-seconds
http://www.itproportal.com/news/employees-download-new-malware-every-four-seconds/
https://www.checkpoint.com/downloads/resources/2016-security-report.pdf

Cisco Talos: Spam at levels not seen since 2010
http://news.hitb.org/content/cisco-talos-spam-levels-not-seen-2010
http://www.networkworld.com/article/3123065/security/cisco-talos-spam-at-levels-not-seen-since-2010.html#tk.rss_all
http://blog.talosintel.com/2016/09/the-rising-tides-of-spam.html

IPv4 apocalypse means we just can't measure the internet any more
http://news.hitb.org/content/ipv4-apocalypse-means-we-just-cant-measure-internet-any-more
http://www.theregister.co.uk/2016/09/19/ipv4_hampering_net_metrics/
http://arxiv.org/abs/1606.00360

Une étude révèle les usages vidéos des 6-14 ans
http://www.les-infostrateges.com/actu/16092247/une-etude-revele-les-usages-videos-des-6-14-ans

SCIENCES
--------



CONSOMMATION
------------



RACHAT / UNION
--------------

Cisco ContainerX buy a step toward readying ACI for the cloud
http://searchnetworking.techtarget.com/news/450303604/Cisco-ContainerX-buy-a-step-toward-readying-ACI-for-the-cloud

DROIT
-----

Le Safe Harbor est mort, vive le Privacy Shield !
https://www.lexsi.com/securityhub/safe-harbor-mort-vive-privacy-shield/

Nouvelle application judiciaire du délit d'usurpation d'identité
http://www.les-infostrateges.com/actu/16092240/nouvelle-application-judiciaire-du-delit-d-usurpation-d-identite

Information juridique : les fiches de synthèse de l'Assemblée nationale
http://www.les-infostrateges.com/actu/16092244/information-juridique-les-fiches-de-synthese-de-l-assemblee-nationale
http://www2.assemblee-nationale.fr/decouvrir-l-assemblee/role-et-pouvoirs-de-l-assemblee-nationale#node_2361

Information juridique : l'Assemblée nationale en 8 leçons
http://www.les-infostrateges.com/actu/16092246/information-juridique-l-assemblee-nationale-en-8-lecons

MARCHE DE L'INFORMATIQUE ET DES TELECOMS (MAIS PAS QUE)
-------------------------------------------------------

CARRIERE
--------


MICROSOFT
---------

Windows 10 : le contrôle parental va bloquer automatiquement Chrome et Firefox
http://www.01net.com/actualites/windows-10-le-controle-parental-va-bloquer-automatiquement-chrome-et-firefox-1033795.html

NEW WINDOWS PATCH POLICY AT ODDS WITH ACCEPTABLE RISK
https://threatpost.com/new-windows-patch-policy-at-odds-with-acceptable-risk/120491/

GOOGLE
------

Lancement du nouveau système d'exploitation Android 7.0 Nougat
http://www.les-infostrateges.com/actu/16082237/lancement-du-nouveau-ysteme-d-exploitation-android-70-nougat

APPLE / IPHONE
--------------

macOS 10.12 Sierra: The Ars Technica review
http://news.hitb.org/content/macos-1012-sierra-ars-technica-review
http://arstechnica.com/apple/2016/09/macos-10-12-sierra-the-ars-technica-review/

PALM / PRE
----------

FREE
----

GEEK POWER
----------

LG dévoile des vidéoprojecteurs de poche vraiment malins
http://www.01net.com/actualites/lg-devoile-des-videoprojecteurs-de-poche-vraiment-malins-1027352.html

LIBRE / OPEN SOURCE
-------------------

Linux a 25 ans : la folle histoire d'un logiciel qui a changé le monde
http://www.01net.com/actualites/linux-a-25-ans-la-folle-histoire-d-un-logiciel-qui-a-change-le-monde-1029586.html

Le Firefox multi-processus serait jusqu'à 700 % plus rapide
http://www.01net.com/actualites/le-firefox-multi-processus-serait-jusqu-a-700-percent-plus-rapide-1033680.html

Firefox 49 est là, voici ses principales améliorations
http://www.01net.com/actualites/firefox-49-est-la-voici-ses-principales-ameliorations-1039404.html

ATTAQUES, PHISHING, PIRATAGE, VERS, VIRUS, ETC....
--------------------------------------------------

NEW BRAZILIAN BANKING TROJAN USES WINDOWS POWERSHELL UTILITY
https://threatpost.com/new-brazilian-banking-trojan-uses-windows-powershell-utility/120016/

Researcher uses Apple’s ‘Live Photos’ feature to hack into two mobile banking apps
http://news.hitb.org/content/researcher-uses-apple’s-‘live-photos’-feature-hack-two-mobile-banking-apps
http://bgr.com/2016/08/18/ios-live-photos-hack-facial-recognition/

MAMBA RANSOMWARE ENCRYPTS HARD DRIVES RATHER THAN FILES
https://threatpost.com/mamba-ransomware-encrypts-hard-drives-rather-than-files/120730/

Ce hacker aurait pu pirater (presque) n'importe quel compte Facebook
http://www.01net.com/actualites/ce-hacker-aurait-pu-pirater-presque-n-importe-quel-compte-facebook-1031146.html

Thousands of Australian computer log-ins up for sale on dark web
http://news.hitb.org/content/thousands-australian-computer-log-ins-sale-dark-web

Freemium phishing service makes stealing passwords dead simple
http://news.hitb.org/content/freemium-phishing-service-makes-stealing-passwords-dead-simple
http://thenextweb.com/security/2016/09/06/russian-phishing-service-makes-stealing-passwords-easy-sharing-link/
https://blog.fortinet.com/2016/08/31/fake-game-the-emergence-of-a-phishing-as-a-service-platform
=> hxxp://fakeg.ru/admin/

Une clé USB pirate suffit à voler vos identifiants Windows ou macOS
http://www.01net.com/actualites/une-cle-usb-pirate-suffit-a-voler-vos-identifiants-windows-ou-macos-1034836.html

ATTACK LEVERAGES WINDOWS SAFE MODE
https://threatpost.com/attack-leverages-windows-safe-mode/120622/

FBI ENCOURAGING RANSOMWARE VICTIMS TO REPORT INFECTIONS
https://threatpost.com/fbi-encouraging-ransomware-victims-to-report-infections/120656/

Dark Web drug sales dominated by organised crime
http://news.hitb.org/content/dark-web-drug-sales-dominated-organised-crime
http://www.cbronline.com/news/cybersecurity/business/dark-web-drug-sales-dominated-by-organised-crime-5009316

Malicious Android Apps Due To Increase By 400 Percent In 2016
http://news.hitb.org/content/malicious-android-apps-due-increase-400-percent-2016
http://www.techweekeurope.co.uk/security/malicious-android-apps-increase-by-400-percent-198004
https://www.webroot.com/us/en/business/resources/threat-trends/sept-2016
https://webroot-cms-cdn.s3.amazonaws.com/3714/7388/4216/September-2016_Webroot_Quarterly_Threat_Trends_us.pdf

Some Cisco Customers Are Being Hacked With NSA's Exploit Tools
http://news.hitb.org/content/some-cisco-customers-are-being-hacked-nsas-exploit-tools


FAILLES
-------

Xiaomi, le fabricant chinois, a installé une énorme backdoor dans vos smartphones
http://www.01net.com/actualites/xiaomi-le-fabricant-chinois-a-installe-une-enorme-backdoor-dans-vos-smartphones-1037750.html

ORACLE PATCHES RECORD 276 VULNERABILITIES WITH JULY CRITICAL PATCH UPDATE
https://threatpost.com/oracle-patches-record-276-vulnerabilities-with-july-critical-patch-update/119373/

Le nombre de correctifs dépasse le précédent chiffre le plus haut, 248 patches qui avait eu lieu en Janvier 2016. Il représente également plus du double de vulnérabilités que celles remontées lors du dernier et marques plus que doubler le montant des vulnérabilités traitées par la société dans son dernier Critical Patch Update en Avril. 159 au total, peuvent être exploitées à distance sans authentification. Oracle Fusion Middleware est le logiciel le plus touché avec 35 vulnérabilités sur 40 exploitables à distance affectant le logiciel.
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

DRUPAL PATCHES THREE VULNERABILITIES IN CORE ENGINE
https://threatpost.com/drupal-patches-three-vulnerabilities-in-core-engine/120816/

Une faille dans Tor et Firefox met en danger l'anonymat de l'utilisateur
http://www.01net.com/actualites/une-faille-dans-tor-et-firefox-met-en-danger-l-anonymat-de-l-utilisateur-1038623.html

OUTILS
------

Le navigateur Opera et son VPN gratuit sont enfin accessibles à tous
http://www.01net.com/actualites/le-navigateur-opera-et-son-vpn-gratuit-sont-enfin-accessibles-a-tous-1038979.html


------------

01net. Actualités || http://feediz.01net.com/synd/2203.xml
01net. Les actualites Entreprise || http://feediz.01net.com/synd/2205.xml
A Day in the Life of an Information Security Investigator || http://rss.ittoolbox.com/rss/security-investigator.xml
Actualités intrusion/hacking || http://feeds.feedburner.com/idg_fr/rt2/intrusion-hacking/rss
Actualités Open Source || http://feeds.feedburner.com/idg_fr/rt2/open-source/rss
Actualités satellite || http://feeds.feedburner.com/idg_fr/rt2/satellite/rss
Black Hat Announcements || https://www.blackhat.com/BlackHatRSS.xml
Ciscomag || http://feeds.feedburner.com/ciscomag
Finjan MCRC Blog: Posts || http://www.finjan.com/MCRCblog_RSS_feed.aspx
Hack In The Box || http://www.hackinthebox.org/backend.php
Infosecurity Magazine || http://www.infosecurity-magazine.com/RSS/LiveFeed.xml
Latest Security Advisories || http://www.microsoft.com/technet/security/advisory/RssFeed.aspx?securityadvisory
Le blog des experts || http://expert.01net.com/expert/feed/rss2
Ma petite parcelle d'Internet... || http://sid.rstack.org/blog/rss.php
McAfee Avert Labs || http://feeds.feedburner.com/McafeeAvertLabsBlog
Microsoft Security Bulletins || http://www.microsoft.com/technet/security/bulletin/secrss.aspx
OSVDB Most Recent Stable Entries || http://osvdb.org/backend/rss.php
Seb's guide || http://www.smtechnologie.com/backend.php
SecuriTeam.com || http://www.securiteam.com/securiteam.rss
SecurityFocus News || http://www.securityfocus.com/rss/news.xml
SecurityFocus Vulnerabilities || http://www.securityfocus.com/rss/vulnerabilities.xml
SecurityTracker Vulnerability Headlines || http://news.securitytracker.com/server/affiliate?61D319BD39309004
silicon.com : || http://feeds.silicon.com/0,39025093,40000024,00.htm
TaoSecurity || http://taosecurity.blogspot.com/atom.xml
TechNet Magazine RSS Feed || http://www.microsoft.com/technet/technetmag/rss/newrss.aspx?issue=true
Toute l'actualité sécurité informatique || http://feeds.vulnerabilite.com/vuln-actu
Toutes les actualités || http://www.reseaux-telecoms.net/rss/rss.xml
ZATAZ News || http://feeds.feedburner.com/ZatazNews
(ISC)2 Blog || http://feeds.feedburner.com/isc2Blog
Following The white Rabbit Blog || http://feeds.feedburner.com/RafalLos
Sécurité des réseaux et des Si - Orange Business Services || http://blogs.orange-business.com/securite/atom.xml
Les-infostrateges.com : flux général || http://www.les-infostrateges.com/rss/cat/?num=1
moxie's blog | http://blog.thoughtcrime.org/rss.xml

Partager cet article

Repost 0
Published by pseudonyme
commenter cet article

commentaires

Présentation

  • : Veille
  • Veille
  • : Un petit blog sans prétention (enfin j'espère) sur ce qui retient mon attention en matière de sécurité informatique....mais pas que.
  • Contact

Recherche

Liens