==============================================================================================================================================
This week there are some more than interesting topics.
- An article showing how insensitive some of our "young people" are to security. The "old folks" would ultimately be better equipped to spot fraudulent e-mails. This is probably because the "old folks" have experience and are more wary of technology.
- Another article covers simple, cheap ways to get around a facial recognition system.
- An interesting piece on developers using old SDKs that call resources on abandoned domain names. The catch is when those domain names are taken over by people with malicious intent.
- Artificial intelligence, which continues to frighten, and rightly so in my opinion.
And plenty of other news.
Happy reading
Tristan
==============================================================================================================================================
SECURITY MUST-READS
-------------------
Five Ways That Good Guys Share More Than Bad Guys
https://taosecurity.blogspot.fr/2016/10/five-ways-that-good-guys-share-more.html
Kids today are so stupid they fall for security scams more often than greybeards
https://news.hitb.org/content/kids-today-are-so-stupid-they-fall-security-scams-more-often-greybeards
http://www.theregister.co.uk/2016/10/20/millennials_easier_bait_for_tech_support_scams_than_baby_boomers/
Facial recognition still can’t beat a 22 cent pair of sunglasses
https://news.hitb.org/content/facial-recognition-still-can’t-beat-22-cent-pair-sunglasses
http://thenextweb.com/artificial-intelligence/2016/11/02/facial-recognition-still-cant-beat-a-22-cent-pair-of-sunglasses/
Why DDoS attacks are reaching an unprecedented scale
http://www.01net.com/actualites/pourquoi-les-attaques-ddos-prennent-une-ampleur-inegalee-1044130.html
Expired domains present an opportunity for malicious activity [We don't always think about old SDKs that point to abandoned domains reused by malicious people]
https://news.hitb.org/content/expired-domains-present-opportunity-malicious-activity
http://searchsecurity.techtarget.com/news/450400703/Expired-domains-present-an-opportunity-for-malicious-activity
Ransomware Raises The Bar Again
https://news.hitb.org/content/ransomware-raises-bar-again
http://www.darkreading.com/attacks-breaches/ransomware-raises-the-bar-again-/d/d-id/1327138?_mc=RSS_DR_EDT
Ransomware is in good health
https://www.lexsi.com/securityhub/ransomware-a-bonne-sante/
Identifying hackers is harder than you think
https://news.hitb.org/content/identifying-hackers-harder-you-think
http://betanews.com/2016/10/10/hackers-deception/
https://securelist.com/analysis/publications/76273/wave-your-false-flags/
https://securelist.com/files/2016/10/Bartholomew-GuerreroSaade-VB2016.pdf
The case for revising the SAML protocol
http://www.orange-business.com/fr/blogs/securite/securite-applicative/pour-une-revision-du-protocole-saml
BYPASSING ASLR IN 60 MILLISECONDS
https://threatpost.com/bypassing-aslr-in-60-milliseconds/121412/
Researchers build undetectable rootkit for programmable logic controllers
https://news.hitb.org/content/researchers-build-undetectable-rootkit-programmable-logic-controllers
http://www.networkworld.com/article/3137420/security/researchers-build-undetectable-rootkit-for-programmable-logic-controllers.html#tk.rss_all

FEATURES
--------
Yahoo’s CISO resigned in 2015 over secret e-mail search tool ordered by feds
http://news.hitb.org/content/yahoo’s-ciso-resigned-2015-over-secret-e-mail-search-tool-ordered-feds
http://arstechnica.com/tech-policy/2016/10/report-fbi-andor-nsa-ordered-yahoo-to-build-secret-e-mail-search-tool/
=> Neither the NSA nor the FBI have responded to Ars' request for comment.
NSA Director Not Opposed To Splitting Cyber Command From Agency
https://news.hitb.org/content/nsa-director-not-opposed-splitting-cyber-command-agency
http://www.darkreading.com/threat-intelligence/nsa-director-not-opposed-to-splitting-cyber-command-from-agency/d/d-id/1327120?_mc=RSS_DR_EDT
NSA spy details how to tap into webcam on Mac without user noticing
https://news.hitb.org/content/nsa-spy-details-how-tap-webcam-mac-without-user-noticing
http://www.pcauthority.com.au/News/439082,nsa-spy-details-how-to-tap-into-webcam-on-mac-without-user-noticing.aspx
GOOGLE HANDLES RECORD NUMBER OF GOVERNMENT REQUESTS FOR DATA
https://threatpost.com/google-handles-record-number-of-government-requests-for-data/121284/
Shadow Brokers Releases Second Trove of Spying Tools
https://news.hitb.org/content/shadow-brokers-releases-second-trove-spying-tools
http://www.pcmag.com/news/349227/shadow-brokers-releases-second-trove-of-spying-tools

ODD NEWS
--------
Nantes: A day for inventing stupid and useless services
http://www.20minutes.fr/nantes/1950947-20161028-nantes-journee-inventer-services-stupides-inutiles

ARTIFICIAL INTELLIGENCE
-----------------------
Five high-tech giants join forces to define and regulate artificial intelligence
http://www.01net.com/actualites/cinq-geants-de-la-high-tech-s-allient-pour-definir-et-encadrer-l-intelligence-artificielle-1042482.html

A SMALL GESTURE FOR THE PLANET
------------------------------
Delete unused Android apps now, or risk a security nightmare
https://news.hitb.org/content/delete-unused-android-apps-now-or-risk-security-nightmare
http://www.techrepublic.com/article/delete-unused-android-apps-now-or-risk-a-security-nightmare/
Linux Foundation appoints two more women to its board of directors
https://news.hitb.org/content/linux-foundation-appoints-two-more-women-its-board-directors
http://www.zdnet.com/article/linux-foundation-appoints-two-more-women-to-its-board-of-directors/

FACEBOOK AND SOCIAL NETWORKS
----------------------------
FACEBOOK BUG BOUNTY PROGRAM PAYS OUT $5 MILLION IN FIVE YEARS
https://threatpost.com/facebook-bug-bounty-program-pays-out-5-million-in-five-years/121278/
Twitter seeks a sale decision by October 27th
https://news.hitb.org/content/twitter-seeks-sale-decision-october-27th
https://www.engadget.com/2016/10/05/twitter-seeks-sale-decision-by-october-27th/

TO BOOKMARK
-----------

TRADE SHOWS / CONFERENCES / EVENTS
----------------------------------
A look back at the Assises de la sécurité 2016: ANSSI's response to national challenges
http://www.orange-business.com/fr/blogs/securite/actualites/retour-sur-les-assises-de-la-securite-2016-la-reponse-de-l-anssi-aux-enjeux-nationaux

PRODUCTS
--------
Orosound, the in-ear headset that will make you forget the hell of the open-plan office
http://www.01net.com/actualites/orosound-le-casque-intra-auriculaire-qui-vous-fera-oublier-l-enfer-de-l-open-space-1049261.html
This portable 24-inch monitor you can take anywhere opens like an umbrella
http://www.01net.com/actualites/ce-moniteur-portable-24-pouces-a-emporter-partout-s-ouvre-comme-un-parapluie-1055239.html

GOOD TO KNOW
------------
FREE SSL PROVIDERS SPARK UNPRECEDENTED GROWTH IN ENCRYPTED TRAFFIC
https://threatpost.com/free-ssl-providers-spark-unprecedented-growth-in-encrypted-traffic/121336/
An interactive map to find out where the mobile antennas near you are
http://www.01net.com/actualites/une-carte-interactive-pour-savoir-ou-sont-les-antennes-mobiles-pres-de-chez-vous-1044092.html
http://www.anfr.fr/gestion-des-frequences-sites/lobservatoire-en-carte/
France lags behind Europe on connection speed
http://www.01net.com/actualites/la-france-a-la-traine-de-l-europe-en-matiere-de-debit-1042883.html
https://www.akamai.com/fr/fr/our-thinking/state-of-the-internet-report/global-state-of-the-internet-connectivity-reports.jsp
Six new alternative services to "de-Googlize" the Internet
http://www.01net.com/actualites/six-nouveaux-services-alternatifs-pour-degoogliser-internet-1044239.html
Google, the leading operating system brand?
http://www.les-infostrateges.com/actu/16092252/google-premiere-marque-de-systeme-d-exploitation
Samsung Galaxy Note 7: what if the batteries had nothing to do with all this?
http://www.01net.com/actualites/samsung-galaxy-note-7-et-si-les-batteries-n-avaient-rien-a-voir-avec-tout-ca-1047098.html
Exclusive: Samsung France tells customers the Galaxy Note 7 will be remotely disabled [Fact or hoax? This is the second time I have seen this news]
http://www.01net.com/actualites/exclu-samsung-france-annonce-aux-clients-la-desactivation-a-distance-des-galaxy-note-7-1049815.html
MITRE will give you $50,000 to 'fingerprint' rogue, dangerous IoT devices
https://news.hitb.org/content/mitre-will-give-you-50000-fingerprint-rogue-dangerous-iot-devices
Netflix reminds password re-users to run a reset
https://news.hitb.org/content/netflix-reminds-password-re-users-run-reset

SCIENCE
-------
HIV researchers edge closer to a cure
http://news.hitb.org/content/hiv-researchers-edge-closer-cure
https://www.engadget.com/2016/10/02/hiv-cure-testing/
Infinitely small: the world's smallest transistor measures 1 billionth of a metre!
http://www.01net.com/actualites/infiniment-petit-le-plus-petit-transistor-du-monde-mesure-1-milliardieme-de-metre-1046720.html

CONSUMER AFFAIRS
----------------

ACQUISITIONS / MERGERS
----------------------
Samsung buys AI startup created by Siri co-cofounders
https://news.hitb.org/content/samsung-buys-ai-startup-created-siri-co-cofounders

LAW
---
AFCDP: 11th Université des CIL next January 25
http://www.les-infostrateges.com/actu/16102269/afcdp-11eme-universite-des-cil-le-25-janvier-prochain
The law for a Digital Republic is definitively adopted
http://www.les-infostrateges.com/actu/16092254/la-loi-pour-une-republique-numerique-adoptee-definitivement
Commerce, e-commerce and the CNIL: update to simplified standard no. 48
http://www.les-infostrateges.com/actu/16102255/commerce-commerce-electronique-et-cnil-mise-a-jour-de-la-norme-simplifiee-n48
Vehicle geolocation and abusive cyber-surveillance of employees
http://www.les-infostrateges.com/actu/16112271/geolocalisation-des-vehicules-et-cybersuveillance-abusive-des-salaries

IT AND TELECOMS MARKET (BUT NOT ONLY)
-------------------------------------

CAREERS
-------
Cybersecurity experts: how do you find the rare gem?
http://www.orange-business.com/fr/blogs/securite/actualites/experts-en-cybersecurite-comment-trouver-la-perle-
5 apps for finding a job on iPhone and Android
http://www.01net.com/astuces/5-applications-pour-trouver-un-job-sur-iphone-et-android-1055321.html

MICROSOFT
---------
Windows Server 2016 could rattle the competition
http://news.hitb.org/content/windows-server-2016-could-rattle-competition
http://arstechnica.com/information-technology/2016/10/hands-on-with-windows-server-2016-the-os-with-its-foot-in-everything/
Windows 10: you will soon finally be able to uninstall Microsoft's useless apps
http://www.01net.com/actualites/windows-10-on-pourra-bientot-enfin-desinstaller-les-applications-inutiles-de-microsoft-1045435.html
Get to know the security features in the Edge browser
https://news.hitb.org/content/get-know-security-features-edge-browser
https://www.cnet.com/uk/how-to/get-to-know-the-security-features-in-edge/
It came from Redmond: Windows Server 2016 could rattle the competition
http://arstechnica.com/information-technology/2016/10/hands-on-with-windows-server-2016-the-os-with-its-foot-in-everything/

GOOGLE
------
In December, Chrome will use less memory
http://www.01net.com/actualites/en-decembre-chrome-consommera-moins-de-memoire-1046434.html
GOOGLE TO MAKE CERTIFICATE TRANSPARENCY MANDATORY BY 2017
https://threatpost.com/google-to-make-certificate-transparency-mandatory-by-2017/121651/
GOOGLE TO DISTRUST WOSIGN, STARTCOM CERTS IN 2017
https://threatpost.com/google-to-distrust-wosign-startcom-certs-in-2017/121709/

APPLE / IPHONE
--------------

PALM / PRE
----------

FREE
----

GEEK POWER
----------

FREE SOFTWARE / OPEN SOURCE
---------------------------
Firefox: discover its three new experimental features to try right away…
http://www.01net.com/actualites/firefox-propose-trois-nouvelles-fonctions-experimentales-a-essayer-d-urgence-1048537.html
Towards an even more powerful version of Firefox in 2017
http://www.01net.com/actualites/bientot-un-moteur-de-rendu-de-nouvelle-generation-dans-firefox-1053359.html
Microsoft open-sources P language for IoT
https://news.hitb.org/content/microsoft-open-sources-p-language-iot

ATTACKS, PHISHING, HACKING, WORMS, VIRUSES, ETC....
---------------------------------------------------
Nuke plant has been hacked, says Atomic Energy Agency director
https://news.hitb.org/content/nuke-plant-has-been-hacked-says-atomic-energy-agency-director
http://www.theregister.co.uk/2016/10/11/nuke_plant_has_been_hacked_says_atomic_energy_agency_director/
Hacking at IKEA: a possible leak?
http://www.zataz.com/piratage-informatique-fuite-donnees/#ixzz4MQWYY7kJ
Amazon reset user passwords to protect accounts
https://news.hitb.org/content/amazon-reset-user-passwords-protect-accounts
http://tamebay.com/2016/10/amazon-reset-user-passwords-to-protect-accounts.html
VENDETTA BROTHERS CYBER CROOKS ADOPT REAL WORLD TACTICS
https://threatpost.com/vendetta-brothers-cyber-crooks-adopt-real-world-tactics/120955/
DYN DDOS WORK OF SCRIPT KIDDIES, NOT POLITICALLY MOTIVATED HACKERS
https://threatpost.com/dyn-ddos-work-of-script-kiddies-not-politically-motivated-hackers/121537/
Icarus, the hacker that lets you hack a drone
http://www.zataz.com/icarus-drone-hacker/#MK4R2wbs1wmMXPrB.99
SUNDOWN EXPLOIT KIT ‘LARGER THREAT THAN PEOPLE REALIZE’
https://threatpost.com/sundown-exploit-kit-larger-threat-than-people-realize/121718/
Three hospitals in England cancel operations over computer virus
https://news.hitb.org/content/three-hospitals-england-cancel-operations-over-computer-virus
http://www.reuters.com/article/britain-cyber-hospitals-idUSL8N1D268W?rpc=401

VULNERABILITIES
---------------
ADOBE FIXES 81 VULNERABILITIES IN ACROBAT, READER, FLASH
https://threatpost.com/adobe-fixes-81-vulnerabilities-in-acrobat-reader-flash/121206/
GOOGLE PLUGS 21 SECURITY HOLES IN CHROME
https://threatpost.com/google-plugs-21-security-holes-in-chrome/121289/
JPEG 2000 – Researchers find security hole in image codec
http://news.hitb.org/content/jpeg-2000-–-researchers-find-security-hole-image-codec
http://www.theregister.co.uk/2016/10/04/jpeg_2000_security_hole/
Receiving a JPEG image is sometimes enough to get hacked
http://www.01net.com/actualites/recevoir-une-image-jpeg-suffit-parfois-pour-se-faire-pirater-1045102.html
VULNERABILITIES IN INSULIN PUMPS CAN LEAD TO OVERDOSE
https://threatpost.com/vulnerabilities-in-insulin-pumps-can-lead-to-overdose/121064/
CISCO WARNS OF CRITICAL FLAWS IN NEXUS SWITCHES
https://threatpost.com/cisco-warns-of-critical-flaws-in-nexus-switches/121164/
PowerShell's admin-lite scheme is an open door
https://news.hitb.org/content/powershells-admin-lite-scheme-open-door
http://www.theregister.co.uk/2016/10/10/security_bod_to_microsoft_your_powershell_jea_feature_isnt_a_barrier_its_an_open_door/
Android: an old Linux flaw allows rooting of all smartphones
http://www.01net.com/actualites/android-une-vieille-faille-linux-permet-de-rooter-tous-les-smartphones-1051930.html
Cisco patches critical authentication flaw in conferencing servers
https://news.hitb.org/content/cisco-patches-critical-authentication-flaw-conferencing-servers
How mobile operators' Wi-Fi makes it possible to track subscribers
http://www.01net.com/actualites/comment-le-wi-fi-des-operateurs-mobiles-permet-de-pister-les-abonnes-1055430.html
OUTLOOK WEB ACCESS TWO-FACTOR AUTHENTICATION BYPASS EXISTS
https://threatpost.com/outlook-web-access-two-factor-authentication-bypass-exists/121777/

TOOLS
-----
Beat the bad guys at their own game with SafeBreach’s simulated cyberattacks
https://news.hitb.org/content/beat-bad-guys-their-own-game-safebreach’s-simulated-cyberattacks
http://www.networkworld.com/article/3135724/security/beat-the-bad-guys-at-their-own-game-with-safebreach-s-simulated-cyberattacks.html#tk.rss_all
https://safebreach.com
The Caramail mail service makes a strong comeback with end-to-end encrypted e-mail
http://www.01net.com/actualites/la-messagerie-caramail-revient-en-force-avec-des-emails-chiffres-de-bout-en-bout-1044279.html
Five EFF Tools to Help You Protect Yourself Online
http://news.hitb.org/content/five-eff-tools-help-you-protect-yourself-online
https://www.eff.org/deeplinks/2016/09/five-eff-tools-help-you-protect-yourself-online
FACEBOOK DEBUTS OPEN SOURCE DETECTION TOOL FOR WINDOWS
https://threatpost.com/facebook-debuts-open-source-detection-tool-for-windows/120897/
https://osquery.io
FREE TOOL PROTECTS MAC USERS FROM WEBCAM SURVEILLANCE
https://threatpost.com/free-tool-protects-mac-users-from-webcam-surveillance/121154/
https://objective-see.com/products/oversight.html
Meet Apache Spot, a new open source project for cybersecurity
https://news.hitb.org/content/meet-apache-spot-new-open-source-project-cybersecurity
DISAPPEARING MESSAGES ADDED TO SIGNAL APP
https://threatpost.com/disappearing-messages-added-to-signal-app/121237/
NEW GOOGLE TOOLS HELP DEVS IMPROVE CONTENT SECURITY POLICY PROTECTION
https://threatpost.com/new-google-tools-help-devs-improve-content-security-policy-protection/120894/
Mooltipass Mini, the password manager that fits in your pocket
http://www.01net.com/actualites/mooltipass-mini-le-gestionnaire-de-mots-de-passe-qui-tient-dans-la-poche-1052939.html
LastPass Becomes Free On Mobile, Eliminates Last Excuse For Not Using A Password Manager
https://news.hitb.org/content/lastpass-becomes-free-mobile-eliminates-last-excuse-not-using-password-manager
Microsoft’s IFTTT-like Flow is now out of beta
https://news.hitb.org/content/microsoft’s-ifttt-flow-now-out-beta
http://arstechnica.com/information-technology/2016/11/microsofts-ifttt-like-flow-is-now-out-of-beta/
https://flow.microsoft.com/en-us/
------------
01net. Actualités ||
http://feediz.01net.com/synd/2203.xml
01net. Les actualites Entreprise ||
http://feediz.01net.com/synd/2205.xml
A Day in the Life of an Information Security Investigator ||
http://rss.ittoolbox.com/rss/security-investigator.xml
Actualités intrusion/hacking ||
http://feeds.feedburner.com/idg_fr/rt2/intrusion-hacking/rss
Actualités Open Source ||
http://feeds.feedburner.com/idg_fr/rt2/open-source/rss
Actualités satellite ||
http://feeds.feedburner.com/idg_fr/rt2/satellite/rss
Black Hat Announcements ||
https://www.blackhat.com/BlackHatRSS.xml
Ciscomag ||
http://feeds.feedburner.com/ciscomag
Finjan MCRC Blog: Posts ||
http://www.finjan.com/MCRCblog_RSS_feed.aspx
Hack In The Box ||
http://www.hackinthebox.org/backend.php
Infosecurity Magazine ||
http://www.infosecurity-magazine.com/RSS/LiveFeed.xml
Latest Security Advisories ||
http://www.microsoft.com/technet/security/advisory/RssFeed.aspx?securityadvisory
Le blog des experts ||
http://expert.01net.com/expert/feed/rss2
Ma petite parcelle d'Internet... ||
http://sid.rstack.org/blog/rss.php
McAfee Avert Labs ||
http://feeds.feedburner.com/McafeeAvertLabsBlog
Microsoft Security Bulletins ||
http://www.microsoft.com/technet/security/bulletin/secrss.aspx
OSVDB Most Recent Stable Entries ||
http://osvdb.org/backend/rss.php
Seb's guide ||
http://www.smtechnologie.com/backend.php
SecuriTeam.com ||
http://www.securiteam.com/securiteam.rss
SecurityFocus News ||
http://www.securityfocus.com/rss/news.xml
SecurityFocus Vulnerabilities ||
http://www.securityfocus.com/rss/vulnerabilities.xml
SecurityTracker Vulnerability Headlines ||
http://news.securitytracker.com/server/affiliate?61D319BD39309004
silicon.com : ||
http://feeds.silicon.com/0,39025093,40000024,00.htm
TaoSecurity ||
http://taosecurity.blogspot.com/atom.xml
TechNet Magazine RSS Feed ||
http://www.microsoft.com/technet/technetmag/rss/newrss.aspx?issue=true
Toute l'actualité sécurité informatique ||
http://feeds.vulnerabilite.com/vuln-actu
Toutes les actualités ||
http://www.reseaux-telecoms.net/rss/rss.xml
ZATAZ News ||
http://feeds.feedburner.com/ZatazNews
(ISC)2 Blog ||
http://feeds.feedburner.com/isc2Blog
Following The white Rabbit Blog ||
http://feeds.feedburner.com/RafalLos
Sécurité des réseaux et des Si - Orange Business Services ||
http://blogs.orange-business.com/securite/atom.xml
Les-infostrateges.com : flux général ||
http://www.les-infostrateges.com/rss/cat/?num=1
moxie's blog ||
http://blog.thoughtcrime.org/rss.xml