ESET Nod32 Antivirus | Antispyware | Console d administration
Chercher :
Newsletter :  
Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs



Abonnez vous � Nessus Professional Feed !

Sponsors :

Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- Commentaires

Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs

Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

Secumail :
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS/XML :
- Articles
- Brèves
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS SecuObs :
- sécurité
- exploit
- windows
- microsoft
- réseau
- attaque

RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network

RSS Videos :
- vmware
- security
- virus
- biometric
- windows
- lockpicking

RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco

RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

RSS OPML :
- Français
- International

Abonnez vous � Nessus Professional Feed !


Revue de presse francophone :
- securite RSF choisit Linagora pour sécuriser son site Internet
- CERTA-2010-ACT-010 Bulletin d'actualité numéro 010 de l'année 2010 12 mars 2010
- CERTA-2010-AVI-119 Vulnérabilité dans dpkg 12 mars 2010
- CERTA-2010-AVI-120 Vulnérabilités dans Apple Safari 12 mars 2010
- Le smart grid trouve lentement sa place dans le secteur énergétique public
- Acquisition de GE Security par United Technologies Corp.
- Les professionnels adoptent le cloud computing mobile
- Sur les réseaux sociaux, les tags font le lien entre utilisateurs
- Check Point ABRA tout son bureau sur clé USB
- Les services dans les nuages font-ils courir un risque à l'entreprise
- Citrix lance XenApp 6
- Deux nouveaux routeurs VPN gigabit DrayTek
- CA SiteMinder Cross Site Scripting via WebWorks Help
- Le marketing en ligne, une alternative crédible à l'achat d'argent virtuel
- Le code pour exploiter une vulnérabilité dans Internet Explorer 6 et 7 rendu public

Dernier articles de SecuObs :
- Edenwall obtient une subvention de la DGA
- Imposter 0.9 une plateforme de phishing ciblant les navigateurs Web
- Une faille dans l’implémentation RSA de OpenSSL
- Flint un scanner pour simuler, vérifier et nettoyer les règles de filtrage
- SET 0.4.1 - Social Engineering Toolkit - une plateforme de Social Engineering
- 100 000 dollars pour le Pwn2own 2010
- Un botnet qui rapporte gros
- Webraider offre un reverse shell contre une simple injection SQL
- Des nouvelles du traité secret ACTA
- Keimpx un outil d'audit pour les réseaux Microsoft Windows

Revue de presse internationale :
- Inspector Gadget Automated Extraction of Proprietary Gadgets from Malware Binaries PDF
- Seven Firefox Plug-ins That Improve Online Privacy
- Three new options emerge for managing smartphones in the enterprise
- British Airways IT worker charged for 'terrorism plot'
- dreamlive Auktionshaus script news.php id SQL Injection Vulnerability
- Apple Updates Safari for 16 Flaws
- Teaching Old Dogs New Tricks Why Both Pentesters and Business Management Must Adapt
- Good Artists Copy, Great Artists Steal What I Couldn't Say
- Friday s Food for Thought LifeLock s Exploiting Consumer Fears and Not Delivering Will Not Be Tolerated
- How It Works The Hurt Locker s Bomb-Fighting Suit
- Herding Cats March The Business of Security
- ????,????
- The threat landscape is changing, AV fails to adjust
- The Nature of Funded Threats
- Download SUPERAntiSpyware Free Edition Kill Tough Malware

Annuaire des videos
- US to Use Immigration to Push National Biometric ID
- smartphone botnet article
- Understanding botnet
- Official sqlmap video demonstration 10
- Official sqlmap video demonstration 12
- Creating running and deleting files with Device File names
- Using SSLStrip to proxy an SSL connection and sniff it
- FIREWALL LINUX IPTABLES Disquete de Boot do BrazilFW www professorramos com
- RSA Conference USA 2010 Opening Ceremony
- Shmoocon 2010 Blackberry Mobile Spyware The Monkey Steals the Berries 4 6
- RSA Conference USA 2010 Remarks from Secretary Janet Napolitano US Homeland Security 1
- Shmoocon 2010 GPU vs CPU Supercomputing Security Shootout 1 3
- RSA Conference USA 2010 Shifts in the Security Paradigm What Cloud and Collaboration Demand
- Malware Analyzis Sandbox and PC Remote Control over Twitter Hak5
- Biometric ID Card Storm Troopers Raid Philly Bars

Revue Twitter
- Mmm, Western Union phishing. Of course I'll give you all my info to get 200K!
- [Video] Finding Linux Rootkits using Rkhunter http://securitytube.net/Finding-Linux-Rootkits-using-Rkhunter-video.aspx
- [Video] HNNCast for the first week of September, 2009 http://securitytube.net/HNNCast-for-the-first-week-of-September,-2009-video.aspx
- [Video] BTCrack (Bluetooth Pass Phrase Bruteforcer) http://securitytube.net/BTCrack-(Bluetooth-Pass-Phrase-Bruteforcer)-video.aspx
- [Video] USB Beer ( Funny Video ) http://securitytube.net/USB-Beer-(-Funny-Video-)-video.aspx
- [Video] Backtrack Series 7 (Cracking APless WEP Protected Network Using Hirte Attack) http://bit.ly/pNP5d
- [Video] W3af Basics (Web Application Attack and Audit Framework) http://bit.ly/5lzqQK
- [Video] Reverse Engineering 101 http://securitytube.net/Reverse-Engineering-101-video.aspx
- http://bit.ly/95OLyJ [Blog Spam] Teaching Old Dogs New Tricks Why Both Pentesters and Business Management Must Adapt , and yes it is a rant
- RT @fseek Real reason why most companies don?t waste their time with Linux: http://bit.ly/dbxEek (good point on binary compatibility..)

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse
Annuaires des videos : vmware, security, virus, biometric, windows, lockpicking, password, botnet, metasploit, tutorial, attack, crypt, linux

+ de mots clés pour les videos
Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter



Top bi-hebdo des articles de SecuObs
- Apprendre à parler Skype pour mieux le faire taire !
- Des nouvelles du traité secret ACTA
- Une faille dans l’implémentation RSA de OpenSSL
- SET 0.4.1 - Social Engineering Toolkit - une plateforme de Social Engineering
- Keimpx un outil d'audit pour les réseaux Microsoft Windows
- 100 000 dollars pour le Pwn2own 2010
- Webraider offre un reverse shell contre une simple injection SQL
- Les acteurs de la lutte contre la cybercriminalité
- Keimpx un outil d'audit pour les réseaux Microsoft Windows
- Imposter 0.9 une plateforme de phishing ciblant les navigateurs Web

Top bi-hebdo de la revue de presse
- Sea World killer whale attack video leads to malware
- How to Jailbreak iPhone 3.1.3 IPSW with PwnageTool 3.1.5
- Dev Team Confirms iPhone 3.1.3 IPSW Jailbreak
- Rozlyn Papa sex tape rumours lead to malware
- FREE Kaspersky Internet Security 2010 Activation Code Valid for 6 Months
- Bajolet a-t-il dénoncé des agents de la DGSE
- installer backtrack 4 [tuto]
- Nouveau dictionnaire WPA Livebox
- Windows 7 browser choice screen March 1 Office 2010 ballot screen Highly critical Firefox vulnerability Google CEO Schmidt knows everything about you
- Flight simulator, c est périmé

Top bi-hebdo de l'annuaire des videos
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- install MacOSX Snow Leopard in Windows PC using Vmware Workstation as virtual machine
- Blaze botnet in action www opensc ws
- Windows Backtrack 4 in Virtualbox Part 1
- Basic Squid Proxy Server Tutorial Part 3 of 3
- Running Wireshark on Mac OS X 10 6 Snow Leopard
- Ch0ry Euro iPhone 3G 3GS 30 Hack WIFI key
- Windows XP Pro SP3 in VMWare off iSCSI Target using gPXE over 802.11n
- SSLstrip wmv
- Avast Internet Security 5 0 396 Final Free Full Download Licensed with Serial Key

Top bi-hebdo de la revue Twitter
- Wirshark + SSH = Wireshark Remote Capturing - http://www.howtoforge.com/wireshark-remote-capturing (via @welias)
- RT @FrikiFeeds: The newbie's guide to hacking the Linux kernel | TuxRadar Linux http://dlvr.it/6sQp
- RT @manicode: Very interesting Java ESAPI-like library coming out of Apache : http://bit.ly/9poefg
- Exploit for Apache mod_isapi = 2.2.14 Dangling Pointer (CVE2010-0425) vulnerability ported to Metasploit http://bit.ly/ctDQjk
- Watching Metasploit Tricks 1 from @mubix - http://vimeo.com/9695470
- Discoverer: Automatic Protocol Reverse Engineering from Network Traces #pdf http://ow.ly/1gHd1
- RT @InfoSec208: The Virtual USB Analyzer: http://bit.ly/dpXc5F
- RT @damienmiller: Help test the new OpenSSH release (it's a big one): http://bit.ly/avLI9B #openbsd #openssh
- Product Watch: Free Tool Cleans Up Rusty, Unsafe Firewall Settings - Dark Reading http://bit.ly/d8hGhS #Security
- Apache releases version 2.2.15 with 5 security fixes including OpenSSL issue. http://bit.ly/9OGP6H

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- Microsoft Gazelle, mini-OS virtuel basé sur MashupOS pour une navigation Web sécurisée par isolation
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- [Hacking Hardware - Partie 1] - Introduction et présentation

Online system for MPs' expenses sounds like recipe for disaster
Les derniers commentaires publiés sur SecuObs (1-5):
- Skype - URI Handler Input Validation
- OWASP CSRFTester Test Applications for CSRF
- ESRT @MarioVilas @DidierStevens - Added shellcode to Tweet to my library
- ESRT @ThisIsHNN @th3j35t3r - releases 2nd video of enhanced XerXeS attack - i
- plecost v0.2.2-7 Beta Update
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]
S'abonner au fil RSS global de la revue de presse


Online system for MPs' expenses sounds like recipe for disaster

Par security_watchdog
Le [2009-06-10] à 18:04:24


Présentation : Gordon Brown has turned to web pioneer Tim Berners-Lee as he struggles to take control of the expenses scandal that has rocked his government for what feels like years already. Brown and the rest of Parliament is getting ready for its summer holidays so in the midst of scurrying around looking for passports and toothbrushes he has somehow found the time to come up with the idea of publishing all MPs' expense claims online - in the next few days. It is thought that by making MPs more accountable in this way they may stop claiming for things like funeral wreaths and duck habitats. Doing anything in the 'next few days' doesn't sound like a good idea to us. It has the ring of a rush around it and given the sensitivity of the information involved it really ought to come with the sort of protection that Danielle Lloyd rolls with these days. And that is likely to take a bit more time than the quoted few days. Unlike the old system, the fact that this one is online will make it open to abuse from both internal and external sources, whether that's admin staff accidentally leaving a USB stick containing expenses details on the train, or attackers trying to hack into the system. And given that the old system couldn't cope with internal abuse we can't help but worry how it will handle a nation full of disgruntled voters and a million sweaty keyboards. Anyway, like most government backed online initiatives it is bound to run years over schedule, cost billions, and then fall over due to demand on launch - maybe they could use an extra few days to actually make sure that it works.




AddThis Social Bookmark Widget



Les derniers articles du site "security_watchdog" :

- Adobe Reader now targeted more than Microsoft
- Financial services firms found wanting on security
- Twitter attacks snare senior politicians
- What to do when your social networking account gets hacked
- Webroot says that Web 2.0 terrifies businesses
- Iceman hacker gets 13 years
- Fake Firefox site pushing out adware
- Microsoft plays down IE flaw risk
- Haiti earthquake disaster exploited by cyber criminals
- How to spot malware the old-fashioned way



S'abonner au fil RSS global de la revue de presse
Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]

Si vous voulez bloquer ce service sur vos fils RSS :
 - avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail





Les derniers commentaires publiés sur SecuObs (6-25):
- cookiemonster v1.6
- Automatic Reverse Engineering of Data Structures from Binary Execution
- Samhain v2.6.3 Beltane v2.3.19 released
- Social-Engineering Ninja v0.1 Beta - PHP scripts
- Botan 1.9.4
- The Beginning of the End of Data Retention
- A Notepad PoC for the remote CHM help file hijack MS vulnerability
- What's New in Chanalyzer 34
- gnupg 2.0.15
- fwbuilder 4.0.0
- ESRT @sbrabez - w3af 10-rc2 updated on FreeBSD
- ESRT @MarioVilas - gnupgpy is a Python API which wraps the GNU Privacy Guard
- ESRT @mosesrenegade @JoelEsler - How to make Snort Attribute tables using Nma
- ESRT @Trancer00t - Metasploit exploit module for the new MSIE 0day vuln
- ESRT @ToolsWatch - FireCAT v1.6.2 updated with 4 Firebug add-ons
- ESRT @komeilipour - Discoverer: Automatic Protocol Reverse Engineering from N
- BeEF Key Logging
- SubSeven v2.3.2010 released
- OpenSCAP v0.5.7 released
- Building a Linux Incident Response Forensic Disk


SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Archives Failles Secunia :
- SA38868 Debian update for tdiary
- SA38890 NUs Newssystem id SQL Injection Vulnerability
- SA38876 Fedora update for samba
- SA38912 Kandidat CMS contentcenter Cross-Site Scripting Vulnerability
- SA38893 Jevci Siparis Formu Database Disclosure Security Issue

Archives Mailing Full Disclosure :
- Full-disclosure Claude Mercier/CLSC-CHSLD BVLV/Reg03/SSSS est absent(e).
- Full-disclosure ZDI-10-027: Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability
- Full-disclosure ZDI-10-028: Skype URI Processing Arbitrary XML File Deletion Vulnerability
- Re: Full-disclosure credit union phishing scam
- Re: Full-disclosure credit union phishing scam

Archives Mailing Bugtraq :
- USN-909-1 dpkg vulnerability
- Skype URI Handler Input Validation
- MDVSA-2010:060 squid
- Vulnerabilities in Abton
- Multiple vulnerabilities in SUPERAntiSpyware and Super Ad Blocker
- SECURITY DSA 2011-1 New dpkg packages fix path traversal

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :