Microsoft Security Essentials: Road Test

By Digital Soapbox Preaching Security to the Digital Masses
On [2009-06-24] at 08:54:13



Presentation:

What better way to test the effectiveness of a malware scanner than to go download random binaries from the dirtiest part of the Internet... the P2P networks. Even worse, to really test Microsoft's Security Essentials I decided I would download, install and run LimeWire... and download binaries (.exe files) that I would normally avoid like the plague. It's simple to find malware on the 'net these days... pop open LimeWire and search for something like "Photoshop crack" or "{random app here} keygen"... you'll find all the malware testing you could ever want.

As a control to Microsoft's Security Essentials I used VirusTotal.com. If you've never used VirusTotal it's a service that uses the major scanners out there (~40'ish or so) to scan your uploaded file and give you a verdict... pretty neat utility. Since not every Anti-Malware (A/M) program catches all threats it's best to run the binaries I've harvested through this handy-dandy little tool to ensure that I have a good idea of what the competitive products are finding on the binaries I'm working with.

I will admit the results are a little... shocking, even for Microsoft's standards. Let the games begin!

-----
Testing Method: Download random [suspect] binaries from LimeWire
Keyword Search: "keygen" "crack"
File Types: Windows .exe files
Control: VirusTotal.com
-----

1. Name: "Office Mac Keygen" | Verdict: Obvious | VirusTotal Link: Here (89.47%) | MS SecEssentials: Fail
2. Name: "All Sony Products KeyGen 1.2" | Verdict: Obvious | VirusTotal Link: Here (92.69%) | MS SecEssentials: Detected - TrojanDownloader:Win32/Tonick.gen (removed)
3. Name: "ALL_Xilisoft_Products_Keygen_v_1" | Verdict: Obvious | VirusTotal Link: Here (90.25%) | MS SecEssentials: Detected - TrojanDownloader:Win32/Tonick.gen (removed)
4. Name: "berry white incl keygen by REVENGE" | Verdict: Obvious | VirusTotal Link: Here (87.81%) | MS SecEssentials: Detected - 2 Threats (in 2 files) TrojanDownloader:Win32/Tracur.A and Tracur.B (removed)
5. *Name: "conficker_including_keymaker_by_T" | Verdict: Average | VirusTotal Link: Here (66.67%) | MS SecEssentials: Detected - TrojanDownloader:Win32/Tracur.A
6. Name: "solo_le_pido_dios__including_crack" | Verdict: Obvious | VirusTotal Link: Here (92.31%) | MS SecEssentials: Detected - TrojanDownloader:Win32/Tracur.A
7. Name: "umidimmi_var_KeyGen.All_Versions.zip" | Verdict: Average | VirusTotal Link: Here (74.36%) | MS SecEssentials: Fail
8. Name: "SRS_Audio_SandBox_1.9.0.4_with_Keygen.zip" | Verdict: Obvious | VirusTotal Link: Here (90.25%) | MS SecEssentials: Detected - TrojanDownloader:Win32/Tonick.gen
9. Name: "y_hubo_alguin_crack-serial-keygen.zip" | Verdict: Average | VirusTotal Link: Here (70.74%) | MS SecEssentials: Fail
10. Name: "registry_clearner_from_TSRh_team (cracked).zip" | Verdict: Average | VirusTotal Link: Here (60.53%) | MS SecEssentials: Fail

Looking at the results, one could conclude that Microsoft's SecurityEssentials did not fare well compared to other anti-malware scanning engines. That being said the Security Essentials detection engine broke down on 1 obvious piece of malware (90% detection rate) and then choked on another 3 pieces of malware that had 60%, 70%, and 74% detection rates respectively. Ordinarily that's pretty bad but when you consider that Microsoft Security Essentials is free... one has to wonder.

Overall some things that I noticed is that the engine's real time protection is a little lacking, as it rarely (only once) caught the piece of malware as it was being unzipped, and typically only when I attempted to actually run the file. This obviously isn't optimal, but not an entirely show-stopping failure given that most of the active pieces of malware require you to activate them somehow... such as double-clicking to execute the file.

---

Bottom Line: The verdict, unfortunately folks... is that Microsoft's Security Essentials is essentially lacking on the detection front. In a world where Internet-borne threats are polymorphic, stealth, and ever-changing the Security Essentials tool fails to deliver real protection against the nasty things that go bump on the 'net. Even when compared against other freeware detection engines (such as AVG) Microsoft's engine still competes poorly, since every single piece of malware that Security Essentials missed, AVG's scanner caught. Sorry to say - but I recommend spending the cash for a decent anti-malware scanner boys and girls, "Code-name Morro" (Microsoft Security Essentials) isn't up to the task of protecting your computer.

Interestingly enough - Steve Ragan over at The Tech Herald had exactly the opposite results. Odd... not sure what to make of this yet... but rest assured more analysis is happening as you read this. Check out Steve's absolutely comprehensive analysis (complete with video!) here... http://www.thetechherald.com/article.php/200926/3926/Review-Microsoft-Security-Essentials
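An added example, not part of the original post: it parses the ten result rows above, tallies the Security Essentials detections per verdict class, and puts a 95% Wilson score interval on the overall detection rate to show how much a ten-sample test can support. The interval, the function names and the trimmed row text are choices made for this example.

```python
import math
import re

# The ten result rows transcribed from the post; text after the Detected/Fail word is trimmed.
ROWS = """\
Name: "Office Mac Keygen" | Verdict: Obvious | VirusTotal Link: Here ( 89.47%) | MS SecEssentials: Fail
Name: "All Sony Products KeyGen 1.2" | Verdict: Obvious | VirusTotal Link: Here ( 92.69% ) | MS SecEssentials: Detected
Name: "ALL_Xilisoft_Products_Keygen_v_1" | Verdict: Obvious | VirusTotal Link: Here ( 90.25% ) | MS SecEssentials: Detected
Name: "berry white incl keygen by REVENGE" | Verdict: Obvious | VirusTotal Link: Here ( 87.81% ) | MS SecEssentials: Detected
Name: "conficker_including_keymaker_by_T" | Verdict: Average | VirusTotal Link: Here ( 66.67% ) | MS SecEssentials: Detected
Name: "solo_le_pido_dios__including_crack" | Verdict: Obvious | VirusTotal Link: Here ( 92.31% ) | MS SecEssentials: Detected
Name: "umidimmi_var_KeyGen.All_Versions.zip" | Verdict: Average | VirusTotal Link: Here ( 74.36% ) | MS SecEssentials: Fail
Name: "SRS_Audio_SandBox_1.9.0.4_with_Keygen.zip" | Verdict: Obvious | VirusTotal Link: Here ( 90.25% ) | MS SecEssentials: Detected
Name: "y_hubo_alguin_crack-serial-keygen.zip" | Verdict: Average | VirusTotal Link: Here ( 70.74% ) | MS SecEssentials: Fail
Name: "registry_clearner_from_TSRh_team (cracked).zip" | Verdict: Average | VirusTotal Link: Here ( 60.53% ) | MS SecEssentials: Fail
"""

ROW_RE = re.compile(
    r'Name: "(?P<name>[^"]+)" \| Verdict: (?P<verdict>\w+) \| VirusTotal Link: Here '
    r'\(\s*(?P<vt>[\d.]+)%\s*\) \| MS SecEssentials: (?P<mse>\w+)'
)

def parse_rows(text):
    """Turn each result row into a dict; fail loudly on a row that does not match."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.search(line)
        if m is None:
            raise ValueError(f"unparseable row: {line!r}")
        rows.append({"name": m["name"], "verdict": m["verdict"],
                     "vt": float(m["vt"]), "detected": m["mse"] == "Detected"})
    return rows

def wilson_interval(hits, n, z=1.96):
    """Wilson score interval for a proportion (z=1.96 gives 95%); usable at small n."""
    p = hits / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * math.sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return centre - half, centre + half

def summarize(text=ROWS):
    rows = parse_rows(text)
    by_verdict = {}                      # verdict -> [detected, total]
    for r in rows:
        tally = by_verdict.setdefault(r["verdict"], [0, 0])
        tally[0] += int(r["detected"])
        tally[1] += 1
    hits = sum(r["detected"] for r in rows)
    return {
        "detected": hits, "total": len(rows),
        "by_verdict": {k: tuple(v) for k, v in by_verdict.items()},
        "missed_vt": sorted(r["vt"] for r in rows if not r["detected"]),
        "ci95": wilson_interval(hits, len(rows)),
    }

if __name__ == "__main__":
    for key, value in summarize().items():
        print(key, value)
```

With ten samples the interval on the overall rate is wide, so a second tester drawing a different ten files can reasonably land on a very different figure.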
