http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2015-06-19 02:51:08 - Matt Suiche : Few days ago, Wikipedia Founder s, Jimmy Wales, recently told CNBC The proportion of women working in technology is disastrous for the sector According to a recent article in CNET by Roger Cheng, the number of women in technical position at large tech companies range between 10pourcents and 20pourcents And as extracted from Paul Ford s What http://www.secuobs.com/revue/news/574612.shtmlhttp://www.secuobs.com/revue/news/574612.shtml Secuobs.com : 2015-03-29 21:19:11 - Matt Suiche - Most of you probably already know the Cyber Fast Track CFT program from DARPA, formely led by Peiter Zatko congrats again , that provides fast access to grants to US cyber security researchers In July 2013, France tried to launch a similar project but obviously applications are more complex and bureaucratic called Investissements d avenir pour la Continue reading La French Tech Cyber-Security Where is the money http://www.secuobs.com/revue/news/565233.shtmlhttp://www.secuobs.com/revue/news/565233.shtml Secuobs.com : 2015-03-09 15:02:25 - Matt Suiche - In March 2014, Le Monde journalists Martin Untersinger and Jacques Follorou, released an article providing documents from the Communications Security Establishment Canada CSEC accusing France of cyber-attacks against Iran between November 2009 and 2010 including the Atomic Energy Organization of Iran AEOI In July 2012, two years after the first discovery of Stuxnet, Meghan http://www.secuobs.com/revue/news/562657.shtmlhttp://www.secuobs.com/revue/news/562657.shtml Secuobs.com : 2014-12-20 03:48:48 - Matt Suiche - As the world is shaking because North Korea is intimidating American public companies with the most sophisticated cyber-attacks ever seen, I figured it would be a good timing to support intelligence agencies by open-sourcing my Windows Debugging Extension designed for Digital Forensics and Incident Response But also, I m unforuntely lacking of time to support that http://www.secuobs.com/revue/news/551182.shtmlhttp://www.secuobs.com/revue/news/551182.shtml Secuobs.com : 2014-10-13 07:03:55 - Matt Suiche - Here is a short-list of missing features for international mobile users Feel free to contact me on msuiche or over e-mail if there is any feature you think is missing but more necessary than changing the colors of your icons at every release 1 Smart address book There is no reason your contact book would http://www.secuobs.com/revue/news/539740.shtmlhttp://www.secuobs.com/revue/news/539740.shtml Secuobs.com : 2014-08-19 19:09:51 - Matt Suiche - CHANGELOG - UPDATE doc file - UPDATE Added DbgkpLkmdDataCollectionCallbacks support in ms_callbacks - ADD ms_exqueue more info - ADD ms_store more info - BUGFIX ms_idt Download Current version is v0620140819 19 August 2014 http://www.secuobs.com/revue/news/530551.shtmlhttp://www.secuobs.com/revue/news/530551.shtml Secuobs.com : 2014-08-01 12:35:44 - Matt Suiche - Pentagon Five-Year until 2018 Cybersecurity Plan Seeks 23 Billion cf 2015 Fiscal Year Budget request That is around 16x times 46 Bn Year the annual budget of DARPA 28 Bn Year France Five-Year until 2019 Cybersecurity plan is EUR 1 Billion This is around 133x times EUR 200M Year the budget allocated to the call for projects in http://www.secuobs.com/revue/news/527946.shtmlhttp://www.secuobs.com/revue/news/527946.shtml Secuobs.com : 2014-07-16 06:26:48 - Matt Suiche - SwishDbgExt is a Microsoft WinDbg debugging extension that expands the set of available commands by Microsoft WinDbg, but also fixes and improves existing commands Description This extension has been developed by Matt Suiche msuiche feel free to reach out on Twitter even better, on the mailing list to ask for more features, offer to http://www.secuobs.com/revue/news/525340.shtmlhttp://www.secuobs.com/revue/news/525340.shtml Secuobs.com : 2014-06-13 20:33:57 - Matt Suiche - Most of you probably already know the Cyber Fast Track CFT program from DARPA, formely led by Peiter Zatko congrats again , that provides fast access to grants to US cyber security researchers In July 2013, France tried to launch a similar project but obviously applications are more complex and bureaucratic called Investissements d avenir pour la http://www.secuobs.com/revue/news/518829.shtmlhttp://www.secuobs.com/revue/news/518829.shtml Secuobs.com : 2014-06-10 10:36:18 - Matt Suiche - Some of you may have ever used RtlQueryRegistryValues, and probably wondered what Microsoft meant by saying Starting with Windows 8, if an RtlQueryRegistryValues call accesses an untrusted hive, and the caller sets the RTL_QUERY_REGISTRY_DIRECT flag for this call, the caller must additionally set the RTL_QUERY_REGISTRY_TYPECHECK flag A hive is marked as untrusted using the 0 1 http://www.secuobs.com/revue/news/517979.shtmlhttp://www.secuobs.com/revue/news/517979.shtml Secuobs.com : 2014-04-28 13:19:59 - Matt Suiche - As part of my previous series of articles on developping WinDbg ExtEngCpp extension, I will cover through two examples how to use symbols efficiently while writing your extension In the past, I tried several times to report issues eg reg subkeylist , but I never had a response from the WinDbg team Same thing when I http://www.secuobs.com/revue/news/510639.shtmlhttp://www.secuobs.com/revue/news/510639.shtml Secuobs.com : 2014-04-22 20:07:19 - Matt Suiche - I recently had the chance to travel through Iran and to meet cool folks like Arash during my trip I will comment more later In the meantime enjoy the pictures below and access to the full album on Flickr here Kid from a nomad tribe near Pasargad Angry Birds Hijab Nasīr al-Mulk Mosque in Shiraz http://www.secuobs.com/revue/news/509649.shtmlhttp://www.secuobs.com/revue/news/509649.shtml Secuobs.com : 2014-04-11 16:09:34 - Matt Suiche - tl dr Just a reminder that Heartbleed is not a one-time event and that companies have much more bugs partly written by themselves They need to be aware that their developers don t have the expertise to write safe code, and that they should invest in people who have the right skill-set In my previous article, I http://www.secuobs.com/revue/news/507792.shtmlhttp://www.secuobs.com/revue/news/507792.shtml Secuobs.com : 2014-04-10 10:36:39 - Matt Suiche - Heartbleed CVE-2014-0160 is a bug found in OpenSSL due to a misimplementation of the Heartbeat functionality, and found by Neel Mehta Google Security Team A lot of people Existentialize, IOActive, etc already provided an analysis of the CVE-2014-0160 bug, widely known under the name Heartbleed , but nobody as analyzed the fix yet I had a http://www.secuobs.com/revue/news/507463.shtmlhttp://www.secuobs.com/revue/news/507463.shtml Secuobs.com : 2014-04-09 13:55:59 - Matt Suiche - This is a picture I took a morning few days ago in Dubai http://www.secuobs.com/revue/news/507245.shtmlhttp://www.secuobs.com/revue/news/507245.shtml Secuobs.com : 2014-03-15 06:45:30 - Matt Suiche - Access to the full album here I recently had the chance to travel across Yemen, which is a not well known but beautiful country with a unique ecosystem Even through the country is listed as high security level threat, the areas I ve been visited were relatively safe and I didn t experience any troubles during my http://www.secuobs.com/revue/news/503084.shtmlhttp://www.secuobs.com/revue/news/503084.shtml Secuobs.com : 2014-02-22 14:44:40 - Matt Suiche - Today, Apple released an important patch where Secure Transport SSL TLS failed to validate the authenticity of secure connections This issue was addressed by restoring missing validation steps This translates as potential man-in-middle interception and manipulation of encrypted data weaknesses as highlighted by Apple An attacker with a privileged network position may capture or modify data http://www.secuobs.com/revue/news/499297.shtmlhttp://www.secuobs.com/revue/news/499297.shtml Secuobs.com : 2014-01-20 20:22:48 - Matt Suiche - In the previous articles, we have seen the basics of the functionalities and architecture of writing a WinDbg ExtEngCpp extension We now gonna move forward with additional functionalities Debugger Data Values A useful function is IDebugDataSpaces ReadDebuggerData which retrieves data from the KDDEBUGGER_DATA64 structure nt KdDebuggerDataBlock if g_Ext-m_Data-ReadDebuggerData DEBUG_DATA_KernBase, Data, sizeof Data , NULL S_OK http://www.secuobs.com/revue/news/492880.shtmlhttp://www.secuobs.com/revue/news/492880.shtml Secuobs.com : 2014-01-15 14:19:34 - Matt Suiche - In my previous post, we started to get familiar with ExtEngCpp types and functions Now we gonna see how to use more low-level functions part of the COM interface As we can see blow, there is a total of 27 interfaces as part of the base class ExtExtension accessible by g_Ext ExtCheckedPointer IDebugAdvanced http://www.secuobs.com/revue/news/491717.shtmlhttp://www.secuobs.com/revue/news/491717.shtml Secuobs.com : 2014-01-12 22:01:14 - Matt Suiche - WinDbg Software Development Kit is a very powerful resource to have, especially if you know how to use it But there is a fairly low amount of publicly available resources regarding it, and the official documentation doesn t provide enough examples in my opinion Furthermore, if you search online for common class from the SDK you http://www.secuobs.com/revue/news/491151.shtmlhttp://www.secuobs.com/revue/news/491151.shtml Secuobs.com : 2014-01-08 15:05:30 - Matt Suiche - First, I think I was probably like most of you now when reading about Internet Of Things IoT and Make It Wearable What is this This is basically about things implying devices, clothes, etc that would be connected wirelessly to Internet In other words, not only laptops, computers and smartphones have access to internet http://www.secuobs.com/revue/news/490397.shtmlhttp://www.secuobs.com/revue/news/490397.shtml Secuobs.com : 2014-01-06 00:58:45 - Matt Suiche - Two majors events happened in the past few weeks The first one is the release of additional documents by Jacob Appelbaum during his 30C3 talk and Der Spiegel about the NSA Catalog dated 2007-2008 And the second one is the acquisition of Mandiant by FireEye for 1 billion dollars There are few documents from the http://www.secuobs.com/revue/news/489842.shtmlhttp://www.secuobs.com/revue/news/489842.shtml