- Should vendors have to PAY a security research firm to receive detailed vulnerability disclosure? SecuObs - L'observatoire de la sécurite internet - Site d'informations professionnelles francophone sur la sécurité informatique

Should vendors have to PAY a security research firm to receive detailed vulnerability disclosure?

Les derniers commentaires publiés sur SecuObs (1-5):

- ESRT @devilok - Buck Security - Collection of security checks for Linux - WhatWeb v0.4 - released - SQLmap 0.8 has been Released - Video : Discovering CSRF with OWASP's CSRFTester Tool - How your email gets hacked Les derniers commentaires publiés sur SecuObs (6-25) Tous les commentaires publiés sur SecuObs avant les 5 derniers

Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]

S'abonner au fil RSS global de la revue de presse

Should vendors have to PAY a security research firm to receive detailed vulnerability disclosure?

Par Voice of VOIPSA
Le [2009-07-02] à 00:09:03

Présentation : This is a guest post from Andy Zmolek, Senior Manager, Security Planning and Strategy at Avaya, and past participant in VOIPSEC mailing list discussions and other VOIPSA activities. Andy asked if I could publicize this because he believes it is a discussion which we in the security community need to have. Text by Andy Zmolek of [...]

Les mots clés de la revue de presse pour cet article : security research vulnerability
Les videos sur SecuObs pour les mots clés : security research vulnerability
Les mots clés pour les articles publiés sur SecuObs : security
Les éléments de la revue Twitter pour les mots clé : security research vulnerability

Lire l'article complet sur le site d'origine

S'abonner au fil RSS Secuobs pour le site "Voice of VOIPSA"
Voir tous les articles du site "Voice of VOIPSA"

Les derniers articles du site "Voice of VOIPSA" :

- Damballa releases detailed analysis of Aurora botnet that attacked Google and others
- VoIP Fraudster and Fugitive Edwin Pena pleads guilty
- Dialstring injection vulnerability in Asterisk
- Internet-Draft out about ICMP attacks against TCP
- Cyber War
- The need for increased security awareness in small to medium business in 2010.
- Shodan Computer Search Engine and VoIP Devices
- Asterisk Security Advisory RTP Remote Crash Vulnerability
- Fugitive VoIP fraudster Edwin Pena extradited, to be arraigned today in NJ court
- Blue Box Podcast 86 out, with an update on the show

Voir tous les articles du site "Voice of VOIPSA"

S'abonner au fil RSS global de la revue de presse

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]

Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail

Les derniers commentaires publiés sur SecuObs (6-25):

- Sniff-n-Spit v1.0 - intercepting communications - RFID reader for iPhone - Fimap alpha v0.8 released - ESRT @Opexxx - Add IPv6 DNS Brute Forcing - Metasploit DNS Enum module - ESRT @nevdull77 - XSS demo steals password from password manager - Video : ESRT @SecurityTube - Video Internet Explorer Iepeers Pointer Exploit - ESRT @0x58 @packet_storm - Adobe PDF LibTiff Integer Overflow - Video : ESRT @TimelessP - Aurora Exploit with alternate payload passing throu - ESRT @ITVulnerability - PeerSec MatrixSSL - Embedded SSL and TLS implementati - ESRT @packet_storm - Nux Keylogger 0.0.1 - ESRT @threatpost - New capabilities are strengthening the ZeuS botnet allowin - Wireshark Display Filters cheatsheet v2.0 - tcpdump cheatsheet v2.0 - ESRT @virturity - Virtualization security assessment modules for Metasploit V - ESRT @opexxx - Meterpreter script for extracting information from Windows lnk - Update on Microsoft Security Advisory 981374 - SSD Tools Crack Passwords 100 Times Faster - phpMyAdmin version 3.3.0 suffers from a cross site scripting vulnerability - libcap-ng 0.6.3 - iScanner v0.4 released - Malicious codes scanner Les cinq derniers commentaires publiés sur SecuObs Tous les commentaires publiés sur SecuObs avant les 25 derniers

SecuToolBox :

Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP aircrack + Ubiquiti (MadWifi) 300 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner + d'outils / + de tutoriels

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, exploit, windows, microsoft, réseau, attaque, outil, vulnérabilité, audit, systčme, virus, internet, données, présentation, linux, metasploit, bluetooth, protocol, vista, réseaux, shell, scanner, engineering, rootkit, wishmaster, trames, conférence, source, paquet, téléphone, mobile, sysun, noyau, rapport, botnet, téléphones, mémoire, https, navigateur, intel, patch, reverse, libre, scapy, securitech + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA38905 Debian update for linux-2.6 - SA38927 Fedora update for cups - SA38932 Apple Safari Multiple Vulnerabilities - SA38900 Eros Webkatalog id SQL Injection Vulnerability - SA38888 Unbound Memory Alignment Denial of Service + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Full-disclosure Claude Mercier/CLSC-CHSLD BVLV/Reg03/SSSS est absent(e). - Re: Full-disclosure HITB-Announce HITBSecConf2010 - Dubai Agenda Released - Full-disclosure HITB-Announce HITBSecConf2010 - Dubai Agenda Released - Re: Full-disclosure SecurityFocus to partially shut down - Re: Full-disclosure SecurityFocus to partially shut down + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- VUPEN Security Research - Apple Safari ColorSync Profile Integer Overflow Vulnerability - XSS I found a xss in phpmyadmin 3.3.0 when we create new database in interface! - SECURITY DSA 2014-1 New moin packages fix several vulnerabilities - USN-911-1 MoinMoin vulnerabilities - iDefense Security Advisory 03.11.10: Multiple Vendor WebKit HTML Element Use After Free Vulnerability - SECURITY DSA 2013-1 New egroupware packages fix several vulnerabilities + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

vmware, security, virus, biometric, windows, lockpicking, password, botnet, metasploit, tutorial, attack, crypt, linux, network, iphone, server, exploit, wimax, conficker, virtu, virtual, engineering, cisco, reverse, ettercap, wireshark, shmoocon, hacker, firewall, internet, knoppix, rootkit, arduino, conference, source, wireless, backtrack, openbsd, brucon, systm, overflow, openssh, buffer, access, remote + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité + de mots clés avec l'annuaire de la revue de presse

Mini-Tagwall des Tweets de la revue Twitter :

security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack + de mots clés avec l'annuaire de la revue Twitter