—
Kaspersky Lab : Crouching Yeti, une campagne d’espionnage en cours visant plus de 2800 cibles connues à travers le monde
La campagne Crouching Yeti, alias Energetic Bear, se caractérise entre autres par de nouveaux outils malveillants et une liste étendue de victimes. Le texte complet de l’étude est disponible sur le site securelist.com
http://www.globalsecuritymag.fr/Kaspersky-Lab-Crouching-Yeti-une,20140731,46671.html
China slams Canada for irresponsible hacking accusations : The West Australian
BEIJING (Reuters) – China’s foreign ministry accused Canada on Thursday of making irresponsible accusations lacking any credible evidence after Canada singled out Chinese hackers for attacking a key computer network and lodged a protest with Beijing.
https://au.news.yahoo.com/thewest/business/technology/a/24602370/china-slams-canada-for-irresponsible-hacking-accusations/
PCI compliance contributes to false sense of security
Despite industry data to the contrary, a new Tripwire retail cybersecurity survey indicates that organizations that rely on PCI compliance as the core of their information security program were twice as confident that they could detect rogue applications, such as those used to exfiltrate data.
http://www.net-security.org/secworld.php
Canadian intelligence sweeps often intercept private data, spy document reveals Add to …
In its fight against Chinese espionage and other cyberthreats, Canada’s electronic-intelligence agency intercepts citizens’ private messages without judicial warrants.
http://www.theglobeandmail.com/news/politics/canadian-intelligence-sweeps-often-intercept-private-data/article19868523/
Why the Security of USB Is Fundamentally Broken
Computer users pass around USB sticks like silicon business cards. Although we know they often carry malware infections, we depend on antivirus scans and the occasional reformatting to keep our thumbdrives from becoming the carrier for the next digital epidemic.
http://www.wired.com/2014/07/usb-security/
The Information Security Hierarchy of Needs
I was inspired by my fellow blogger after reading his latest article, “The Sea of Information Security”, to write a post on information security hierarchy of needs. Dave Shackleford wrote on this topic back in 2009, so I thought it would be good to re-energize the discussion.
http://www.tripwire.com/state-of-security/security-data-protection/security-controls/the-information-security-hierarchy-of-needs/
Is Cyber Insurance a Channel Threat or Opportunity?
The growing buzz around cybersecurity insurance is polarising channel opinion, with some viewing it as a threat and others a lucrative sales opportunity. Demand for cyber cover is rising rapidly as end users look to guard themselves against the potential fallout of a data breach.
http://channelnomics.com/2014/07/24/cyber-insurance-channel-threat-opportunity/#.U9ozutkazCR
A new cyber exercise: Test your security team’s incident response capabilities
There is a place called Alphaville. It is like many other towns all over the world – with a city hall, library, school, power plant and more. You can even watch this short video about Alphaville here.
http://www.govtech.com/blogs/lohrmann-on-cybersecurity/A-new-cyber-exercise-Test-your-security-teams-incident-response-capabilities.html
Hacking Washington DC traffic control systems
By Cesar Cerrudo @cesarcer I am frustrated with Sensys Networks (vulnerable devices vendor) lack of cooperation, but I realize that I should be thankful.
http://blog.ioactive.com/2014/07/hacking-washington-dc-traffic-control.html
Huge data breach at Paddy Power bookmakers – details of over 649,000 customers stolen
There has been a huge data breach at Irish bookmakers Paddy Power, with the personal details of over 649,000 customers having been stolen. About 120,000 of the customers are based in Ireland.
http://www.belfasttelegraph.co.uk/life/technology-gadgets/huge-data-breach-at-paddy-power-bookmakers-details-of-over-649000-customers-stolen-30474666.html
Évolutions et pratiques sécuritaires : zones de confiance et de confort
« La cyber-guerre entre la Russie et l’Ukraine » et « Target refond en totalité sa sécurité informatique et évince sa DSI » : Quel est le point commun entre ces deux histoires et en quoi cela vous concerne-t-il ? L’excès de confiance des protagonistes.
http://www.journaldunet.com/solutions/expert/58116/evolutions-et-pratiques-securitaires—zones-de-confiance-et-de-confort.shtml
Portrait-robot du Responsable de la Sécurité des Systèmes d’Information
Les attaques informatiques se multiplient . En première ligne, le Responsable de la Sécurité des Systèmes d’Information entretient les défenses de l’entreprise.
http://business.lesechos.fr/directions-numeriques/0203670003717-portrait-robot-du-responsable-de-la-securite-des-systemes-d-information-102045.php#xtor=CS1-35
orWall, une app Android qui utilise TOR et bloque le trafic en dehors
Client open source disponible sur Android, Orbot sert de proxy pour acheminer le trafic à travers le réseau TOR afin de renforcer l’anonymat de l’usager. Depuis un mobile, il peut gérer la navigation web, la consultation des mails ou l’accès des applications au net.
http://www.numerama.com/magazine/30153-orwall-une-app-android-qui-utilise-tor-et-bloque-le-trafic-en-dehors.html
Russian government asks Apple to hand over source code amid spying concerns
Russia’s Ministry of Communications and Mass Media has suggested that Apple should open its source code for government inspection to ensure that the iPhone maker is not complicit in enabling U.S. intelligence services to spy on the world’s largest country.
http://appleinsider.com/articles/14/07/30/russian-government-asks-apple-to-hand-over-source-code-amid-spying-concerns
U.S. Intelligence Community Has a New ‘Int”: Identity Intelligence
The term began to appear a few years ago and was included, for example, in a 2012 Defense Intelligence Agency briefing package. Since then it has quickly propagated throughout U.S. military and intelligence operations. Identity intelligence (or I2) was included for the first time in published U.S.
http://www.matthewaid.com/post/93309160401
«Si nous ne maîtrisons pas le cyberespace, nous ne maîtrisons aucune capacité opérationnelle».
La cyberdéfense est l’une des priorités du nouveau Livre Blanc. Il est aujourd’hui indispensable de faire évoluer les unités de la Marine en cohérence avec des systèmes d’information toujours plus durcis.
http://www.colsbleus.fr/articles/2697
Inside Citizen Lab, the “Hacker Hothouse” protecting you from Big Brother
It was May of 2012 at a security conference in Calgary, Alberta, when professor Ron Deibert heard a former high-ranking official suggest he should be prosecuted. This wasn’t too surprising.
http://arstechnica.com/security/2014/07/inside-citizen-lab-the-hacker-hothouse-protecting-you-from-big-brother/
New study measures economic impact of NSA’s spying
A new study from the New America Foundation shows that personal privacy and U.S. credibility were not the only thing damaged by the NSA’s activities – American tech companies are also being hurt.
http://www.tgdaily.com/enterprise/122161-new-study-measures-economic-impact-of-nsas-spying
—
Vous pouvez également vous abonner à cette veille #Cybersécurité via un flux RSS dédié : https://www.cyber-securite.fr/category/veille-cyber/feed
