Content curation / Veille informationnelle


Le blog de MISC 100% sécurité informatique

  • [À lire] Des traceurs GPS bien trop indiscrets
    par redaction le 8 octobre 2019 à 7 h 30 min

      Le suivi d’individus et de biens à forte valeur ajoutée est depuis plusieurs années réalisé par l’utilisation de traceurs GPS. Ces équipements ont pour fonction de transmettre les coordonnées de géolocalisation périodiquement à un serveur distant via un module radio mobile et une carte SIM. Il a été également constaté que certaines de ces

  • L’édito de MISC HS n°20 !
    par Aline Hof le 30 septembre 2019 à 7 h 00 min

    iOS ou Android ? Une mauvaise question… Les idéaux se succèdent, on les dépasse, ils tombent en ruines, et puisqu’il n’y a pas d’autre vie, c’est sur ces ruines encore qu’il faut fonder un idéal dernier – Dostoievski S’il y a bien quelque chose qui évolue dans le monde de la sécurité informatique, ce sont

  • Sécurisez vos systèmes Windows en environnement Active Directory !
    par Aline Hof le 27 septembre 2019 à 7 h 30 min

    Ce 20ème hors-série de MISC est dédié à la sécurité des systèmes Windows en environnement Active Directory avec leurs attaques et contre-mesures. Il vous permettra de vous initier aux techniques de sécurisation de votre Active Directory. Vous découvrirez également les attaques contre les mécanismes d’authentification de Windows et pourrez vous familiariser aux problèmes liés aux


    Feed has no items.

Hacking Articles Raj Chandel's Blog

  • HA Joker Vulnhub Walkthrough
    par Raj Chandel le 21 octobre 2019 à 12 h 55 min

    Today we are going to solve our Boot to Root challenge called “HA: Joker” We have developed this lab for the purpose of online penetration practices. Solving this lab is not that tough if you have proper basic knowledge of Penetration testing. Let’s start and learn how to breach it. Download Here Level: Intermediate Task:... Continue reading → The post HA Joker Vulnhub Walkthrough appeared first on Hacking Articles.

  • HA: ISRO Vulnhub Walkthrough
    par Raj Chandel le 19 octobre 2019 à 17 h 32 min

    Today we are going to solve our CTF challenge called “HA: ISRO” We have developed this lab for the purpose of online penetration practices. Solving this lab is not that tough if have proper basic knowledge of Penetration testing. Let’s start and learn how to breach it. Download Here Level: Intermediate Task: Find 4 Flags... Continue reading → The post HA: ISRO Vulnhub Walkthrough appeared first on Hacking Articles.

  • Docker Installation & Configuration
    par Raj Chandel le 19 octobre 2019 à 17 h 07 min

    Docker services are extensively used in IT operations, so it is very important that you start learning from docker basics. In this article, we will cover the installation and setup of the docker, along with its specific uses. Learn web application in Table of Content Introduction to docker Docker and its terminology Advantages of docker... Continue reading → The post Docker Installation & Configuration appeared first on Hacking Articles.

RSS - Actualité CNIL.fr Fil RSS des actualités de la Commission Nationale de L'Informatique et des Libertés (CNIL)


Internet Society Working for an Internet that is open, globally connected, and secure.

  • Securing the Internet: Introducing Oracle Internet Intelligence IXP Filter Check
    par Doug Madory le 23 octobre 2019 à 15 h 00 min

    Oracle is an Organization Member of the Internet Society. We welcome this guest post announcing a new tool that complements our work to improve the security of the Internet’s routing infrastructure. We are proud to announce the launch of the IXP Filter Check, which is designed to improve Internet routing security by monitoring route filtering The post Securing the Internet: Introducing Oracle Internet Intelligence IXP Filter Check appeared first on Internet Society.

  • Your Day with Encryption
    par Ryan Polk, April Froncek le 22 octobre 2019 à 14 h 59 min

    How often do you use encryption? It seems like the stuff of spy films, but you might be surprised to find out how often it touches your daily life. Encryption is the process of scrambling or enciphering data, and only someone with the key can read or access it. You can use it for things The post Your Day with Encryption appeared first on Internet Society.

  • The Week in Internet News: A Fight over Community Broadband in Missouri
    par Grant Gross le 21 octobre 2019 à 14 h 32 min

    Broadband battle: Missouri law prohibits cities from launching their own broadband services, but some groups are pushing again that policy, reports The Salem News Online, a newspaper in the south central area of the state. More than half of the rural residents of the state lack broadband with download speeds of 25 Mbps. Several electric The post The Week in Internet News: A Fight over Community Broadband in Missouri appeared first on Internet Society.


Security.NL maakt Nederland veilig Security.NL maakt Nederland veilig


Naked Security Computer Security News, Advice and Research


Security Weekly Security Market Validation

  • Investigating Phishing Emails and Domains Using DomainTools Iris
    par Paul Asadoorian le 27 septembre 2019 à 4 h 00 min

    This blog post is sponsored by DomainTools. For more information and product trials please visit https://securityweekly.com/domaintools. Investigation Time! You may be sitting at work early in the morning, enjoying your coffee and the peace and quiet that comes along with being the first one in the office. Like most, the first thing you do is The post Investigating Phishing Emails and Domains Using DomainTools Iris appeared first on Security Weekly.

  • Thwarting the Insider Threat with Network Traffic Analysis
    par Matt Alderman le 23 mai 2019 à 4 h 00 min

    For decades, anyone analyzing network traffic concentrated on external network traffic, known as north-south traffic, through the perimeter via firewalls.  Although firewalls evolved to better analyze this traffic, two primary trends emerged: 1) cloud adoption was causing the perimeter to become more porous, even to the point of extinction, and 2) as attackers gained sophistication, The post Thwarting the Insider Threat with Network Traffic Analysis appeared first on Security Weekly.

  • Domain Investigations Using Open-Source Tools And DomainTools Iris
    par Paul Asadoorian le 2 mai 2019 à 4 h 00 min

    This blog post is sponsored by DomainTools. For more information and product trials please visit https://securityweekly.com/domaintools.  Malicious or Not? The above question runs through the brains of SOC analysts across the world multiple times per day. When you are analyzing security events looking for the “bad” things, you often come across a domain that requires The post Domain Investigations Using Open-Source Tools And DomainTools Iris appeared first on Security Weekly.


Liquidmatrix Security Digest Bringing Fire To The Village: Your Source For Computer, Network & Information Security News

  • We Don’t Take Vendor Pitches
    par Dave Lewis le 14 juillet 2019 à 5 h 51 min

    This site has been online for more than a couple decades now. I removed all advertising from the site a couple years ago to maintain as impartial of an approach as I can. The post We Don’t Take Vendor Pitches appeared first on Liquidmatrix Security Digest.

  • War Stories: Just Shut Off Telnet
    par Dave Lewis le 14 juillet 2019 à 5 h 26 min

    Years ago I was working on a project that had a rather interesting premise. It was a way to send a file between two parties that was stamped as verified by a third party intermediary. Pretty basic stuff but, in the 90s it was rather neat. One of the things that I discovered was that The post War Stories: Just Shut Off Telnet appeared first on Liquidmatrix Security Digest.

  • Having The Security Rug Pulled Out From Under You
    par Larry Cashdollar le 18 octobre 2018 à 19 h 24 min

    Apache .htaccess changes led to arbitrary file upload vulnerabilities in jQuery project I attended the Messaging, Malware and Mobile Anti-Abuse Working Group (m3aawg.org) meeting in Brooklyn, NY.   I expected better weather to wander around the city while enjoying the conference and the neighborhood’s wide selection of food. I had been so confident of clear skies The post Having The Security Rug Pulled Out From Under You appeared first on Liquidmatrix Security Digest.


  • Blind ROP ARM - ECSC Préquals 2019 - Secure Vault - Writeup
    par Geluchat le 22 mai 2019 à 16 h 00 min

    Dans le cadre des préqualifications de l'ECSC, j'ai eu l'occasion de tester un challenge original dans la catégorie pwn : le challenge Secure Vault. La mention "aucun binaire n'est fourni avec ce challenge" nous indique que le challenge va être intéressant ! Pour commencer, on se connecte au challenge : root@Miaou:/# nc …

  • Exploitation d'un programme 64 bits sous Windows 10
    par Geluchat le 15 mai 2018 à 12 h 30 min

    Introduction Lorsque l'on débute dans le domaine de l'exploitation de binaire, notre choix se tourne le plus souvent vers Linux. En effet, beaucoup de challenges ont été développés sous Linux et la documentation sur l'exploitation Linux ne manque pas. Néanmoins, créer des exploits pour Linux n'a pas le même impact …

  • Les Server Side Request Forgery : Comment contourner un pare-feu
    par Geluchat le 15 septembre 2017 à 22 h 40 min

    Qu'est ce que les Server Side Request Forgery ? Les Server Side Request Forgery, ou en abrégé SSRF, sont des vulnérabilités Web permettant de lire des fichiers sur le serveur local. Il ne faut pas les confondre avec les CSRF (Cross Site Request Forgery), qui, elles, ont pour but l'exécution d'une …


IT Security Guru The Site for our Community

  • U.S Superior Court systems have hacked to spread phishing emails
    par Alicia Gregorian le 23 octobre 2019 à 9 h 11 min

    A Texas man was sentenced today to 145 months in federal prison for hacking the Los Angeles Superior Court (LASC) computer system and using its servers to deliver around 2 million malspam emails. 33-year-old Oriyomi Sadiq Aloba “was found guilty of one count of conspiracy to commit wire fraud, 15 counts of wire fraud, one count of attempted wire fraud, The post U.S Superior Court systems have hacked to spread phishing emails appeared first on IT Security Guru.

  • UK cyber-centre targets card payment fraud
    par Alicia Gregorian le 23 octobre 2019 à 9 h 10 min

    Britain’s cyber-defence centre has thwarted more than one million cases of suspected payment card fraud in the last year, its annual review reveals. The National Cyber Security Centre (NCSC) said a dedicated anti-fraud effort stopped the cards being abused. It said it had stopped more than 1,800 cyber-attacks aimed at UK citizens and businesses in The post UK cyber-centre targets card payment fraud appeared first on IT Security Guru.

  • Scammers arrested in Spain who were behind €10 Million BEC Fraud
    par Alicia Gregorian le 23 octobre 2019 à 9 h 10 min

    Three people, part of a Business Email Compromise (BEC) scammer group that stole roughly €10.7 million ($11,900,000) from 12 companies, were arrested in Spain by the Guardia Civil as part of Operation Lavanco. BEC (otherwise known as Email Account Compromise, CEO fraud, or CEO impersonation) fraud schemes are scams that allow crooks to trick a company’s employees to wire out funds to The post Scammers arrested in Spain who were behind €10 Million BEC Fraud appeared first on IT Security Guru.


    Feed has no items.

    Feed has no items.

    Feed has no items.

CERT-FR Centre gouvernemental de veille, d'alerte et de réponse aux attaques informatiques