#Cybersecurity watch for 31/07/2014

Everything you should not have missed today in your #Cybersecurity watch. Happy reading!

Kaspersky Lab: Crouching Yeti, an ongoing espionage campaign targeting more than 2,800 known targets worldwide

The Crouching Yeti campaign, also known as Energetic Bear, is characterized among other things by new malicious tools and an extended list of victims. The full text of the study is available on securelist.com. http://www.globalsecuritymag.fr/Kaspersky-Lab-Crouching-Yeti-une,20140731,46671.html

China slams Canada for irresponsible hacking accusations: The West Australian

BEIJING (Reuters) – China’s foreign ministry accused Canada on Thursday of making irresponsible accusations lacking any credible evidence after Canada singled out Chinese hackers for attacking a key computer network and lodged a protest with Beijing. https://au.news.yahoo.com/thewest/business/technology/a/24602370/china-slams-canada-for-irresponsible-hacking-accusations/

PCI compliance contributes to false sense of security

Despite industry data to the contrary, a new Tripwire retail cybersecurity survey indicates that organizations that rely on PCI compliance as the core of their information security program were twice as confident that they could detect rogue applications, such as those used to exfiltrate data. http://www.net-security.org/secworld.php

Canadian intelligence sweeps often intercept private data, spy document reveals

In its fight against Chinese espionage and other cyberthreats, Canada’s electronic-intelligence agency intercepts citizens’ private messages without judicial warrants. http://www.theglobeandmail.com/news/politics/canadian-intelligence-sweeps-often-intercept-private-data/article19868523/

Why the Security of USB Is Fundamentally Broken

Computer users pass around USB sticks like silicon business cards. Although we know they often carry malware infections, we depend on antivirus scans and the occasional reformatting to keep our thumbdrives from becoming the carrier for the next digital epidemic. http://www.wired.com/2014/07/usb-security/

The Information Security Hierarchy of Needs

I was inspired by my fellow blogger after reading his latest article, “The Sea of Information Security”, to write a post on information security hierarchy of needs. Dave Shackleford wrote on this topic back in 2009, so I thought it would be good to re-energize the discussion. http://www.tripwire.com/state-of-security/security-data-protection/security-controls/the-information-security-hierarchy-of-needs/

Is Cyber Insurance a Channel Threat or Opportunity?

The growing buzz around cybersecurity insurance is polarising channel opinion, with some viewing it as a threat and others a lucrative sales opportunity. Demand for cyber cover is rising rapidly as end users look to guard themselves against the potential fallout of a data breach. http://channelnomics.com/2014/07/24/cyber-insurance-channel-threat-opportunity/#.U9ozutkazCR

A new cyber exercise: Test your security team’s incident response capabilities

There is a place called Alphaville. It is like many other towns all over the world – with a city hall, library, school, power plant and more. You can even watch this short video about Alphaville here. http://www.govtech.com/blogs/lohrmann-on-cybersecurity/A-new-cyber-exercise-Test-your-security-teams-incident-response-capabilities.html

Hacking Washington DC traffic control systems

By Cesar Cerrudo @cesarcer I am frustrated with Sensys Networks (vulnerable devices vendor) lack of cooperation, but I realize that I should be thankful. http://blog.ioactive.com/2014/07/hacking-washington-dc-traffic-control.html

Huge data breach at Paddy Power bookmakers – details of over 649,000 customers stolen

There has been a huge data breach at Irish bookmakers Paddy Power, with the personal details of over 649,000 customers having been stolen. About 120,000 of the customers are based in Ireland. http://www.belfasttelegraph.co.uk/life/technology-gadgets/huge-data-breach-at-paddy-power-bookmakers-details-of-over-649000-customers-stolen-30474666.html

Security developments and practices: zones of trust and comfort

“The cyber war between Russia and Ukraine” and “Target completely overhauls its IT security and ousts its CIO”: what do these two stories have in common, and how does it concern you? The overconfidence of the protagonists. http://www.journaldunet.com/solutions/expert/58116/evolutions-et-pratiques-securitaires—zones-de-confiance-et-de-confort.shtml

Profile of the Chief Information Security Officer

Computer attacks are multiplying. On the front line, the Chief Information Security Officer maintains the company’s defenses. http://business.lesechos.fr/directions-numeriques/0203670003717-portrait-robot-du-responsable-de-la-securite-des-systemes-d-information-102045.php#xtor=CS1-35

orWall, an Android app that uses TOR and blocks traffic outside it

An open source client available on Android, Orbot acts as a proxy to route traffic through the TOR network in order to strengthen the user’s anonymity. From a mobile device, it can handle web browsing, checking email, or applications’ access to the internet. http://www.numerama.com/magazine/30153-orwall-une-app-android-qui-utilise-tor-et-bloque-le-trafic-en-dehors.html

Russian government asks Apple to hand over source code amid spying concerns

Russia’s Ministry of Communications and Mass Media has suggested that Apple should open its source code for government inspection to ensure that the iPhone maker is not complicit in enabling U.S. intelligence services to spy on the world’s largest country. http://appleinsider.com/articles/14/07/30/russian-government-asks-apple-to-hand-over-source-code-amid-spying-concerns

U.S. Intelligence Community Has a New ‘Int’: Identity Intelligence

The term began to appear a few years ago and was included, for example, in a 2012 Defense Intelligence Agency briefing package. Since then it has quickly propagated throughout U.S. military and intelligence operations. Identity intelligence (or I2) was included for the first time in published U.S. http://www.matthewaid.com/post/93309160401

“If we do not control cyberspace, we do not control any operational capability.”

Cyber defense is one of the priorities of the new White Paper. It is now essential to develop the Navy’s units in line with ever more hardened information systems. http://www.colsbleus.fr/articles/2697

Inside Citizen Lab, the “Hacker Hothouse” protecting you from Big Brother

It was May of 2012 at a security conference in Calgary, Alberta, when professor Ron Deibert heard a former high-ranking official suggest he should be prosecuted. This wasn’t too surprising. http://arstechnica.com/security/2014/07/inside-citizen-lab-the-hacker-hothouse-protecting-you-from-big-brother/

New study measures economic impact of NSA’s spying

A new study from the New America Foundation shows that personal privacy and U.S. credibility were not the only thing damaged by the NSA’s activities – American tech companies are also being hurt. http://www.tgdaily.com/enterprise/122161-new-study-measures-economic-impact-of-nsas-spying

You can also subscribe to this #Cybersecurity watch via a dedicated RSS feed: https://www.cyber-securite.fr/category/veille-cyber/feed
