Tootella
Les news du libre

Brèves HSC

• [84] Obtenir les clés SSL en mémoire d'un processus
• [83] Etendre les fonctionnalités de nmap et réaliser un scan au niveau applicatif
• [82] Brève sur les interfaces RPC Windows
• [81] Brève sur WMI (Windows Management Instrumentation)
• [80] Malwar(e)
• [79] Retour sur la vulnérabilité CVE-2008-1930 dans Wordpress
• [78] Rainbow Tables et support des caractères spéciaux sous Windows
• [77] SPA : Single Packet Authorization
• [76] Revisite de la configuration du client OpenSSH
• [75] Politique de mots de passe sous Solaris 10

News HSC

• Tip Description of a method for retrieving in-memory SSL private keys (SSH, Apache, OpenVPN ...).
• Newsletter HSC N°71
• Presentation ISO 27005 vs EBIOS, Mehari, RiskIT, ...
• Presentation JBoss AS: exploitation and reassure
• Presentation Voting Systems Security
• Newsletter HSC N°70
• Newsletter HSC N°69
• Presentation Security and industrial computing
• Presentation ISO 27005 risk management methodology
• Tool : Tunnel over DNS v0.5. - Dns2tcp

Bugtraq

• Vuln: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities
• Vuln: PHP Traverser 'mp3_id.php' Remote File Include Vulnerability
• Vuln: Serenity Audio Player '.m3u' File Buffer Overflow Vulnerability
• Vuln: Mundi Mail Multiple Remote Command Execution Vulnerabilities
• Bugtraq: [SECURITY] [DSA 2077-1] New openldap packages fix potential code execution
• Bugtraq: [HITB-Ann] Reminder: HITB2010 Malaysia Call for Papers Closing August 9th
• Bugtraq: [security bulletin] HPSBUX02556 SSRT100014 rev.2 - HP-UX Running rpc.ttdbserver, Remote Execution of Arbitrary Code
• Bugtraq: CFP NcN 2010
• More rss feeds from SecurityFocus

Cisco Security

• Cisco Midyear Security Report Surveys Network Security Landscape
• Cisco Security Survey Spotlights Consumers' Influence on Enterprise IT
• Cisco Works With Leading Vendors to Deliver Validated Secure Borderless Network Systems
• What You Can Do About Cloud Computing Security
• Cloud Computing Security: What Cisco and the Industry are Doing About It
• University Builds More Secure, Collaborative Campus
• Produce Importer Keeps Pace with Fast-Moving Marketplace
• Data Center Service Provider Reduces Costs, Improves Service
• Cisco Extends Security Leadership With Advances in Cloud Protection
• Administrative City in Minas Gerais Installs One of the Most Advanced IT Infrastructures in Brazil

ImperViews

• Behind any great SCADA breach stands an even greater database breach
• Anatomy of an XSS Attack
• Top 10 Database Security Threats and How to Stop Them
• Imperva finds master hacker who dupes thousands into phishing army
• WEBINAR: The Industrialization of Hacking: How to Stop Organized, Automated, and Mass Produced Bots
• MSFT Guillotines SP2
• Imperva Launches File Security Product
• Security Concerns with Google App Builder
• MSFT Stealth Patch?
• Botorama

Schneier on Security

• Security Vulnerabilities of Smart Electricity Meters
• DNSSEC Root Key Split Among Seven People
• Pork-Filled Counter-Islamic Bomb Device
• WPA Cracking in the Cloud
• 1921 Book on Profiling
• Technology is Making Life Harder for Spies
• Friday Squid Blogging: Squidbillies
• The Washington Post on the U.S. Intelligence Industry
• Internet Worm Targets SCADA
• More Research on the Effectiveness of Terrorist Profiling

Vulnerabilite.com

• Adobe joue le jeu de la sécurité avec Microsoft
• Assises de la Sécurité : l'analyse forensique à l'honneur
• Moins de vol de données en 2009
• WPA cassé ?
• Révisions d'été : l'attaque Pass the Hash
• RADIUS, ce traître
• Siemens : "Ne changez pas notre mot de passe codé en dur"
• Adobe va renforcer son Reader
• Visa vole au secours des marchands
• La tokenization, pilule magique de la conformité PCI

Liens:  Blog | Webmaster | Depuis 1999...