Content curation / Veille informationnelle


Le blog de MISC 100% sécurité informatique

  • [À lire] Revue de livres
    par redaction le 30 juillet 2019 à 7 h 30 min

      La littérature regorge de livres traitant le sujet de l’apprentissage automatique, le Machine Learning. Cet ensemble de livres peut être décomposé en deux parties : la première partie regroupe les livres traitant le sujet en abordant le côté pratique sans trop insister sur la théorie, ils misent sur la partie programmation en utilisant les différentes

  • L’édito de MISC n°104 !
    par Aline Hof le 1 juillet 2019 à 7 h 00 min

    Après s’être régalé des premières asperges généreusement arrosées de muscat alsacien, l’esthète de la sécurité a pu savourer les débats enflammés accompagnant la sortie de Tchap, la messagerie instantanée de l’État. Passée l’agitation probablement accrue par un printemps pluvieux, il n’est pas inintéressant de revenir brièvement sur cet évènement. Tout d’abord, il convient de s’interroger

  • [MISC n°104] Références de l’article « Fuddly : évaluation de la robustesse d’une cible »
    par Aline Hof le 28 juin 2019 à 8 h 00 min

    Retrouvez ci-dessous la liste des références qui accompagnent l’article « Fuddly : évaluation de la robustesse d’une cible », publié dans MISC n°104 : [1] Dépôt de Fuddly : https://github.com/k0retux/fuddly [2] https://connect.ed-diamond.com/MISC/MISC-103/Fuddly-introduction-de-l-outil-et-developpement-d-un-protocole [3] Documentation de Fuddly : https://fuddly.readthedocs.io/


    Feed has no items.

Hacking Articles Raj Chandel's Blog

  • Broken: Gallery Vulnhub Walkthrough
    par Raj Chandel le 18 août 2019 à 18 h 46 min

    We have another CTF challenges for CTF players that named as “Broken” and it can be download from vulnhub from here. The credit goes “Avraham Cohen” for designing this VM machine for beginners. This is a Linux based CTF challenge where you can use your basic pentest skill for Compromising this VM to escalate the... Continue reading → The post Broken: Gallery Vulnhub Walkthrough appeared first on Hacking Articles.

  • dpwwn:2 Vulnhub Walkthrough
    par Raj Chandel le 18 août 2019 à 12 h 27 min

    Today we will take another CTF challenge dpwwn2 from the series dpwwn. The credit for making this VM machine goes to “Debashish Pal” and it is a boot2root challenge where we have to root the machine and capture the flag dpwwn-02-FLAG.txt to complete the challenge. You can download this VM here. Security Level: Intermediate Penetrating Methodology: Scanning... Continue reading → The post dpwwn:2 Vulnhub Walkthrough appeared first on Hacking Articles.

  • Linux For Pentester: socat Privilege Escalation
    par Raj Chandel le 17 août 2019 à 14 h 08 min

    Welcome back, to grab knowledge of another command from “Linux for pentester” series. As we know there are many tools that can help the user to transfer data. Similarly, we are going to take advantage of another command i.e. “socat” which is a utility for data transfer between two addresses. So, now we will take... Continue reading → The post Linux For Pentester: socat Privilege Escalation appeared first on Hacking Articles.

RSS - Actualité CNIL.fr Fil RSS des actualités de la Commission Nationale de L'Informatique et des Libertés (CNIL)


Internet Society Working for an Internet that is open, globally connected, and secure.

  • Day Zero 2019: Bringing Together Young People to Talk about Internet Governance
    par Anna Higgins le 16 août 2019 à 14 h 56 min

    As we work to foster the multistakeholder model in Internet governance, we must include the voices of youth. They’ve grown up in the age of the Internet, where using connected devices is second nature and we’re beginning to have conversations around issues like encryption and privacy. Young people deserve not just a seat at the […] The post Day Zero 2019: Bringing Together Young People to Talk about Internet Governance appeared first on Internet Society.

  • Second Meeting of the Indian Network Operators’ Group Concludes Successfully
    par Natasha Rautela Saroha le 15 août 2019 à 13 h 19 min

    The Indian Network Operators’ Group (INNOG) organized their second meeting ( INNOG 2) in New Delhi on 1-4 July. The event, comprised of a conference and three workshops, was attended by more than 170 local and international participants. The event was supported by ISPAI, APNIC, NIXI, Internet Society, Tata Communications, Telestra, Spectra, Amazon Web Service, […] The post Second Meeting of the Indian Network Operators’ Group Concludes Successfully appeared first on Internet Society.

  • Preserving Native Cultures: Vote Now for the Internet Society’s Panel for SXSW 2020
    par Anna Higgins le 14 août 2019 à 14 h 26 min

    What benefits can Internet connectivity bring to Tribal and Indigenous communities – especially when it comes to language and culture preservation? That’s the topic of our panel proposal for South by Southwest (SXSW) 2020: “How Internet Access Can Preserve Native Cultures.” And we’re excited to announce that you can now vote for it! SXSW, is […] The post Preserving Native Cultures: Vote Now for the Internet Society’s Panel for SXSW 2020 appeared first on Internet Society.


Security.NL maakt Nederland veilig Security.NL maakt Nederland veilig


Naked Security Computer Security News, Advice and Research


Security Weekly Security Market Validation


Liquidmatrix Security Digest Bringing Fire To The Village: Your Source For Computer, Network & Information Security News

  • We Don’t Take Vendor Pitches
    par Dave Lewis le 14 juillet 2019 à 5 h 51 min

    This site has been online for more than a couple decades now. I removed all advertising from the site a couple years ago to maintain as impartial of an approach as I can. The post We Don’t Take Vendor Pitches appeared first on Liquidmatrix Security Digest.

  • War Stories: Just Shut Off Telnet
    par Dave Lewis le 14 juillet 2019 à 5 h 26 min

    Years ago I was working on a project that had a rather interesting premise. It was a way to send a file between two parties that was stamped as verified by a third party intermediary. Pretty basic stuff but, in the 90s it was rather neat. One of the things that I discovered was that […] The post War Stories: Just Shut Off Telnet appeared first on Liquidmatrix Security Digest.

  • Having The Security Rug Pulled Out From Under You
    par Larry Cashdollar le 18 octobre 2018 à 19 h 24 min

    Apache .htaccess changes led to arbitrary file upload vulnerabilities in jQuery project I attended the Messaging, Malware and Mobile Anti-Abuse Working Group (m3aawg.org) meeting in Brooklyn, NY.   I expected better weather to wander around the city while enjoying the conference and the neighborhood’s wide selection of food. I had been so confident of clear skies […] The post Having The Security Rug Pulled Out From Under You appeared first on Liquidmatrix Security Digest.


  • Blind ROP ARM - ECSC Préquals 2019 - Secure Vault - Writeup
    par Geluchat le 22 mai 2019 à 16 h 00 min

    Dans le cadre des préqualifications de l'ECSC, j'ai eu l'occasion de tester un challenge original dans la catégorie pwn : le challenge Secure Vault. La mention "aucun binaire n'est fourni avec ce challenge" nous indique que le challenge va être intéressant ! Pour commencer, on se connecte au challenge : root@Miaou:/# nc

  • Exploitation d'un programme 64 bits sous Windows 10
    par Geluchat le 15 mai 2018 à 12 h 30 min

    Introduction Lorsque l'on débute dans le domaine de l'exploitation de binaire, notre choix se tourne le plus souvent vers Linux. En effet, beaucoup de challenges ont été développés sous Linux et la documentation sur l'exploitation Linux ne manque pas. Néanmoins, créer des exploits pour Linux n'a pas le même impact

  • Les Server Side Request Forgery : Comment contourner un pare-feu
    par Geluchat le 15 septembre 2017 à 22 h 40 min

    Qu'est ce que les Server Side Request Forgery ? Les Server Side Request Forgery, ou en abrégé SSRF, sont des vulnérabilités Web permettant de lire des fichiers sur le serveur local. Il ne faut pas les confondre avec les CSRF (Cross Site Request Forgery), qui, elles, ont pour but l'exécution d'une


IT Security Guru The Site for our Community

  • CyCognito Platform
    par The Gurus le 16 août 2019 à 17 h 06 min

    Supplier: CyCognito Website: www.cycognito.com Price: Based on number of assets Scores Performance 5/5 Features 5/5 Value for Money 5/5 Ease of Use 5/5 Overall 5/5 Verdict: With data protection regulations getting ever stricter, failure is not an option. CyCognito is a new breed of security assessment platform that can keep you one step ahead of […] The post CyCognito Platform appeared first on IT Security Guru.

  • 70% Of Financial Companies Suffered A Cyber Security Incident In The Last 12 Months.
    par The Gurus le 15 août 2019 à 16 h 37 min

    New research by data security company, Clearswift, reveals that 70% of financial companies have experienced a cyber security incident in the past year, highlighting the serious threat that both data breaches and malicious attacks pose to the UK’s financial sector. The research, which surveyed senior business decision makers within enterprise financial organisations in the UK, […] The post 70% Of Financial Companies Suffered A Cyber Security Incident In The Last 12 Months. appeared first on IT Security Guru.

  • Kaspersky To Open First Transparency Center In APAC.
    par The Gurus le 15 août 2019 à 16 h 37 min

    In line with its drive towards building trust in the cybersecurity industry, Kaspersky today announces the opening of its first Transparency Center in Asia Pacific, to be hosted by CyberSecurity Malaysia – Malaysia’s national cybersecurity specialist agency. The company’s third code review facility will be located at Menara Cyber Axis, Cyberjaya, alongside key cyber-related government […] The post Kaspersky To Open First Transparency Center In APAC. appeared first on IT Security Guru.


    Feed has no items.

    Feed has no items.

    Feed has no items.

CERT-FR Centre gouvernemental de veille, d'alerte et de réponse aux attaques informatiques