Tootella
Les news du libre

Brèves HSC

• [84] Obtenir les clés SSL en mémoire d'un processus
• [83] Etendre les fonctionnalités de nmap et réaliser un scan au niveau applicatif
• [82] Brève sur les interfaces RPC Windows
• [81] Brève sur WMI (Windows Management Instrumentation)
• [80] Malwar(e)
• [79] Retour sur la vulnérabilité CVE-2008-1930 dans Wordpress
• [78] Rainbow Tables et support des caractères spéciaux sous Windows
• [77] SPA : Single Packet Authorization
• [76] Revisite de la configuration du client OpenSSH
• [75] Politique de mots de passe sous Solaris 10

News HSC

• Newsletter HSC N°73
• Newsletter HSC N°72
• Tip Description of a method for retrieving in-memory SSL private keys (SSH, Apache, OpenVPN ...).
• Newsletter HSC N°71
• Presentation ISO 27005 vs EBIOS, Mehari, RiskIT, ...
• Presentation Risk evolution for the SME/SMI
• Presentation JBoss AS: exploitation and reassure
• Presentation Voting Systems Security
• Newsletter HSC N°70
• Newsletter HSC N°69

Bugtraq

• Vuln: Novell Netware FTP Server Multiple Commands Remote Buffer Overflow Vulnerabilities
• Vuln: Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
• Vuln: DynPage 'dynpage_load.php' Local File Disclosure Vulnerability
• Vuln: Weborf HTTP 'modURL()' Function Directory Traversal Vulnerability
• Bugtraq: [TEHTRI-Security Training + 0days] "Hunting Web Attackers" at HITBSecConf
• Bugtraq: [ GLSA 201009-03 ] sudo: Privilege Escalation
• Bugtraq: Re: KeePass version 2.12 <= Insecure DLL Hijacking Vulnerability (dwmapi.dll)
• Bugtraq: XSS in Horde Application Framework <=3.3.8, icon_browser.php
• More rss feeds from SecurityFocus

Cisco Security

• Insurer Delivers High-Touch Service to Exclusive Clients
• Cisco Midyear Security Report Surveys Network Security Landscape
• Cisco Security Survey Spotlights Consumers' Influence on Enterprise IT
• Cisco Works With Leading Vendors to Deliver Validated Secure Borderless Network Systems
• What You Can Do About Cloud Computing Security
• Cloud Computing Security: What Cisco and the Industry are Doing About It
• University Builds More Secure, Collaborative Campus
• Produce Importer Keeps Pace with Fast-Moving Marketplace
• Data Center Service Provider Reduces Costs, Improves Service
• Cisco Extends Security Leadership With Advances in Cloud Protection

ImperViews

• Russian hackers in action
• Risk Homeostasis and RSnake
• Hackers accidentally give Microsoft their code
• Web app vulns now 50% of flaws
• Responsible Disclosure: RIP?
• Religion and Log Files
• Intel + McAfee: what does it mean?
• HP picks up Fortify for ~$250M
• LIVE WEBINAR: Five Signs Your File Data is at Risk
• Spanish Password Security

Schneier on Security

• Consumerization and Corporate IT Security
• Terrorism Entrapment
• Friday Squid Blogging: Squid Car
• UAE Man-in-the-Middle Attack Against SSL
• Successful Attack Against a Quantum Cryptography System
• Cyber-Offence is the New Cyber-Defense
• Wanted: Skein Hardware Help
• More Skein News
• Eavesdropping on Smart Homes with Distributed Wireless Sensors
• High School Teacher Assigns Movie-Plot Threat Contest Problem

Vulnerabilite.com

• Intel s'offre McAfee pour 7,68 milliards de dollars
• Quartiers d'été pour SecurityVibes
• Black Hat : stars, paillettes et hackers à Vegas
• Trop sûr, le Blackberry ?
• Adobe joue le jeu de la sécurité avec Microsoft
• Assises de la Sécurité : l'analyse forensique à l'honneur
• Moins de vol de données en 2009
• WPA cassé ?
• Révisions d'été : l'attaque Pass the Hash
• RADIUS, ce traître

Liens:  Blog | Webmaster | Depuis 1999...