—
Security researchers find serious exploitable flaws in 14 major Anti-Virus engines like AVG, Bitdefender, ESet, F-Secure
http://www.techworm.net/2014/07/security-researchers-find-serious.html
The Cyber Prosecutor Sending Nude-Photo Thieves To Prison
Wesley Hsu, head of the Cyber And Intellectual Property Crimes Section in the central district of California’s U.S. Attorneys’ OfficeFederal prosecutor Wesley Hsu has been working cybercrime cases for over a decade. Chief of the cyber crime unit at the U.S.
http://www.forbes.com/sites/kashmirhill/2014/07/31/federal-prosecutor-nude-photo-hackers/
NSA keeps low profile at hacker conventions despite past appearances
As hackers prepare to gather in Las Vegas for a pair of annual conventions, the leadership of the National Security Agency won’t make the trek.
http://www.theguardian.com/world/2014/jul/31/nsa-hacker-conventions-recruit-def-con-black-hat
Cyber Deterrence Is Working
Despite the mainstream view of cyberwar professionals and theorists, cyber deterrence is not only possible but has been working for decades. Cyberwar professionals are in the midst of a decades-old debate on how America could deter adversaries from attacking us in cyberspace.
http://www.defensenews.com/article/20140730/DEFFEAT05/307300017/Commentary-Cyber-Deterrence-Working
Spy of the Tiger
A recent report documents a group of attackers known as “PittyTiger” that appears to have been active since at least 2011; however, they may have been operating as far back as 2008. We have been monitoring the activities of this group and believe they are operating from China.
http://www.fireeye.com/blog/technical/threat-intelligence/2014/07/spy-of-the-tiger.html
U.S. Warns Retailers of ‘Backoff’ Malware
The U.S. Department of Homeland Security issued a notice Thursday indicating a new and virulent form of malware called “Backoff” has been used to infiltrate retailers’ computer systems. The alert from the U.S.
http://www.foxbusiness.com/technology/2014/07/31/us-warns-retailers-backoff-malware/
US requests $5b in extra funding to bolster cybercrime defences
US President Barack Obama’s defence agency is ramping up its efforts to fight cyber crime by requesting a $5 billion [£3 billion] package of extra funding for the upcoming year of activities.
http://www.itproportal.com/2014/07/31/us-requests-5b-extra-funding-bolster-cybercrime-defences/
Twitter acquiring password security manager startup Mitro Labs
Twitter password security could be changing, especially for corporate accounts staffed by multiple employees and teams. The San Francisco-headquartered company is acquiring Mitro Labs, a startup based in Lower Manhattan with a service designed for sharing passwords safely for a single account.
http://www.zdnet.com/twitter-acquiring-password-security-manager-startup-mitro-labs-7000032213/
InfoSecs Holy Grail: Data Sharing & Collaboration
Despite all the best intentions, cooperation around Internet security is a still a work in progress. Case in point: Microsoft’s unilateral action against No-IP.
http://www.darkreading.com/operations/infosecs-holy-grail-data-sharing-and-collaboration-/a/d-id/1297633
Review of Penetration Testing A Hands-On Introduction to Hacking
Helping train a computer security incident response team (CSIRT) comes with the territory when building out an enterprise incident response process. As I was reading No Starch’s recently released Penetration Testing A Hands-On Introduction to Hacking book by Georgia Weldman I saw an opportunity.
http://journeyintoir.blogspot.com/2014/07/review-of-penetration-testing-hands-on.html
Book Review:
I recently received a copy of The Art of Memory Forensics (thanks, Jamie!!), with a request that I write a review of the book. Being a somewhat outspoken proponent of constructive and thoughtful feedback within the DFIR community, I agreed.
http://windowsir.blogspot.com/2014/07/book-review-art-of-memory-forensics.html
Calculating IDS Signature Precision
While signature-based detection isn’t enough on its own to protect a network against structured attackers, it is one of the cornerstones of a successful network security monitoring capability.
http://www.appliednsm.com/calculating-ids-signature-precision/
Do CISOs deserve a seat at the leadership table?
ThreatTrack Security published a survey study of C-level executives that underscores a hotly-debated topic in executive circles: what is the role of the CISO? « The CISO’s role has become increasingly complex and demanding, yet the value of their contributions aren’t fully understood or appreciated b
http://www.net-security.org/secworld.php
Etude du rapport sur la cybercriminalité « Protéger les INTERNAUTES »
Ce rapport s’inscrit dans le cadre du groupe de travail interministériel sur la lutte contre la cybercriminalité.
http://securitedessystemesjuridiques.blogspot.fr/2014/08/etude-du-rapport-sur-la.html
GCHQ certifies six cyber security Master’s degree courses
GCHQ, the British intelligence agency, has certified six Master’s degrees in cyber security as the government bids to close the much-talked about cyber-security skills gap.
http://www.computing.co.uk/ctg/news/2358425/gchq-certifies-six-cyber-security-master-s-degree-courses
Army names new commander for cyber training center
Maj. Gen. Stephen Fogarty (left) is taking over the Army’s Cyber Center of Excellence while Maj. Gen. LaWarren Patterson moves to the Installation Management Command. Army Chief of Staff Gen. Ray Odierno announced a change in command at the Army’s main cybersecurity training center on Aug. 1.
http://fcw.com/blogs/fcw-insider/2014/08/army-names-new-commander-for-cyber-training-center.aspx
Bulletin d’actualité CERTFR-2014-ACT-031
Le deuxième mardi de chaque mois, Microsoft publie une série de correctifs de failles de sécurité affectant ses produits. Internet Explorer figure généralement dans la liste, et les corruptions mémoire représentent souvent un fort pourcentage des failles qui y sont corrigées.
http://www.cert.ssi.gouv.fr/site/CERTFR-2014-ACT-031/CERTFR-2014-ACT-031.html
Recent Hacking of Canadian Government Agency Has All the Hallmarks of Chinese Military Cyber Espionage Unit in Shanghai
The recent hacking attempt on a sensitive Canadian government computer network is similar to attacks mounted by an elite unit of the Chinese army based in Shanghai, according to a cybersecurity expert.
http://www.matthewaid.com/post/93486631451
—
Vous pouvez également vous abonner à cette veille #Cybersécurité via un flux RSS dédié : https://www.cyber-securite.fr/category/veille-cyber/feed
