Veille #Cybersécurité du 20/07/2014

Tout ce qu'il ne fallait pas manquer aujourd'hui dans votre veille #Cybersécurité. Bonne lecture !

U.S. Cyber Command Completes Major Cyber Defense Exercise at Fort Meade

http://www.matthewaid.com/post/92076764956

CyberTalk Episode 11: Face à la Cybermenace: La stratégie d'Europol

Michel QUILLE, Directeur adjoint d'EUROPOL, nous parle des enjeux que représente la cybercriminalité pour une institution de coopération internationale telle que la sienne et nous expose ses missions dans le cadre de la lutte contre cette menace en pleine expansion et transfrontalière.Retrouvez-

http://www.youtube.com/watch

Bulletin d'actualité CERTFR-2014-ACT-029

Afin de camoufler ces opérations illégitimes auprès des différents équipements de sécurité réseau, une majorité de ces codes chiffrent leurs communications au moyen de protocoles standards comme le procotole HTTPS.

http://www.cert.ssi.gouv.fr/site/CERTFR-2014-ACT-029/CERTFR-2014-ACT-029.html

Meet Executive Order 12333: The Reagan rule that lets the NSA spy on Americans

John Napier Tye served as section chief for Internet freedom in the State Department’s Bureau of Democracy, Human Rights and Labor from January 2011 to April 2014. He is now a legal director of Avaaz, a global advocacy organization.

http://m.washingtonpost.com/opinions/meet-executive-order-12333-the-reagan-rule-that-lets-the-nsa-spy-on-americans/2014/07/18/93d2ac22-0b93-11e4-b8e5-d0de80767fc2_story.html

Nasdaq Hack Attribution Questioned

Two zero-day vulnerabilities were exploited by the attackers who hacked NASDAQ's systems in October 2010. A senior U.S. legislator claims the hackers had "nation-state" backing.

http://www.bankinfosecurity.co.uk/nasdaq-hack-attribution-questioned-a-7080

Execute Shellcode, Bypassing Anti-Virus…

I am going to demonstrate a little trick to allow you to bypass anti-virus and execute shellcode, this is a publicly known trick that I did not discover.

http://penturalabs.wordpress.com/2014/07/18/execute-shellcode-bypassing-anti-virus/

Critoni Ransomware on sale for $3000 in underground forum, uses Tor Anonymity Network to communicate with its C & C server

http://www.techworm.net/2014/07/critoni-ransomware-on-sale-for-3000-in.html

Some reservations about SpiderOak security.

I am looking for a secure cloud service. One of the options I considered was SpiderOak. However, after reading the following explanation about how the mobile version works, I started to get worried. [..

http://blog.xot.nl/2013/12/08/some-reservations-about-spideroak-security/

Edward Snowden: easy-to-use technologies can subvert surveillance

Edward Snowden, a former US spy agency contractor who leaked details of major US surveillance programs, called on supporters at a hacking conference to spur development of easy-to-use technologies to subvert government surveillance programs around the globe.

http://www.theguardian.com/world/2014/jul/20/edward-snowden-nsa-encourages-technology-development-hacking

PhishMe reveals source and metrics behind new phishing attack

Researchers at PhishMe uncovered a new malware threat dubbed “Dyre” about a month ago. Now, a new blog post from PhishMe provides intricate details about a new variation on Dyre that provide a look at the potential source and impact of the threat. Dyre is a RAT (root access Trojan).

http://www.csoonline.com/article/2455555/malware-cybercrime/phishme-reveals-source-and-metrics-behind-new-phishing-attack.html

---

Vous pouvez également vous abonner à cette veille #Cybersécurité via un flux RSS dédié : http://www.cyber-securite.fr/category/veille-cyber/feed

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *

This site uses Akismet to reduce spam. Learn how your comment data is processed.