<?xml version="1.0" encoding="utf-8"?>
<rss version="0.92">
<channel>
<title>SecuObs.com</title>
<link>http://www.secuobs.com</link>
<description>Internet Security Observatory</description>
<language>fr</language>
<webMaster>webmaster@secuobs.com</webMaster>
 <item><title>Decrypting iMessages at Rest, Questioning NSA Access to Apple Network Devices, and NSLs</title><description>2013-06-19 07:32:26 - Security Bloggers Network : The other day Apple released a privacy transparency statement discussing, among other things, how they cannot decrypt iMessage content sent (or Facetime sessions) between two iOS devices. See their full statement below. There were some other interesting tidbits to consider in their statement as well. For example, regarding the recent PRISM leak, Apple does not mention anything about "direct access" to network gear versus just "servers". Who cares about servers if you have a direct tap into all the network traffic? The statement also discusses the number of National Security Letters (NSLs) and "other" law enforcement (LE) requests from the last five months as being between 4,000 to 5,000. Seems high but not too bad if you consider the thousands of LE jurisdictions throughout the country. Of course there could have also just been one of those "other" requests and 4,999 NSLs. Finally, Apple closes with the comment about iMessage content mentioned above. The way the statement reads it seems to only apply to messages "in motion" between two devices. As most of us in security know, protecting data in motion is only half of the solution. Any system also needs to protect data at rest (e.g., files ...</description><link>http://www.secuobs.com/revue/news/452289.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/452289.shtml</guid></item>
<item><title>Social Network Scam Targets NBA Finals</title><description>2013-06-19 02:29:50 - Symantec Connect - Security Response - Posts : For sports fans, the most exciting time of the year is the post season. It is when the underdogs have a chance to topple the better teams in the league, or last year's champions are trying to win it again. Depending on the sport, these events can draw a lot of viewers, whether it is a single event or a seven game series. So, it's no surprise there are sites that claim to offer fans the ability to watch these events online. Right now, we are in the midst of the NBA finals pitting some of the finest players in the league against each other in their quest to win it all. The series was just tied 2-2 before Game 5 on Sunday. On that day, some Facebook users may have seen pages offering a free live stream of the game.
[Figure 1. Free live NBA Finals stream posted on Facebook]
Facebook users may also see posts about NBA Finals live streams linking to a page hosted on Tumblr.
[Figure 2. Free live NBA Finals stream page on Tumblr]
When a user selects "YES I AGREE" on the Tumblr page they are redirected back to Facebook and asked to install an NBAFinals Facebook application.
[Figure 3. Scam NBAFinals Facebook app, permissions request]
This Facebook application requests access to your profile, friends list, and email address. If a user grants permission, the application will request more permissions.
[Figure 4. Scam NBAFinals Facebook app requests additional permissions]
In addition to posting to your friends on your behalf, the scam Facebook application requests more permissions that do not make any sense for an application to have in order to enjoy free live streaming, such as access to manage your Facebook pages. Even worse, after the application installs, users are redirected to another Tumblr site and asked to spread the scam on Facebook before proceeding.
[Figure 5. Scam NBA Finals site asks users to share on Facebook]
[Figure 6. NBA Finals scam spreads on Facebook]
For the user, after all this, there is no live stream presented. Instead, users will see a video player that doesn't work. Clicks on the video player redirect users to a plugin install page that earns the scammers money through affiliate links.
[Figure 7. NBA Finals scam page contains no live stream]
There are some references in the final page to other sites that claim to offer live streams of the game. These pages are not official, however, and these types of streaming sites are prohibited. For the scammers, getting the user to install their Facebook application keeps the scam going because the application posts messages to your timeline on your behalf.
[Figure 8. Scam NBAFinals app timeline post on Facebook]
In cooperation with Symantec, Tumblr has removed the sites associated with this scam and we have reported the application to Facebook. Users should be aware which applications they install on Facebook, especially when looking for special features or access to websites that offer live sport streams. If it seems suspicious, most likely it is.</description><link>http://www.secuobs.com/revue/news/452267.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/452267.shtml</guid></item>
<item><title>6934: Applicability of the Access Node Control Mechanism to Broadband Networks Based on Passive Optical Networks (PONs)</title><description>2013-06-19 00:35:10 - New RFCs : (102KB) The purpose of this document is to provide applicability of the Access Node Control Mechanism to broadband access based on Passive Optical Networks (PONs). The need for an Access Node Control Mechanism between a Network Access Server (NAS) and an Access Node Complex, composed of a combination of Optical Line Termination (OLT) and Optical Network Termination (ONT) elements, is described in a multi-service reference architecture in order to perform QoS-related, service-related, and subscriber-related operations. The Access Node Control Mechanism is also extended for interaction between components of the Access Node Complex (OLT and ONT). The Access Node Control Mechanism will ensure that the transmission of information between the NAS and Access Node Complex (ANX) and between the OLT and ONT within an ANX does not need to go through distinct element managers but rather uses direct device-to-device communication and stays on net. This allows for performing access-link-related operations within those network elements to meet performance objectives.</description><link>http://www.secuobs.com/revue/news/452209.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/452209.shtml</guid></item>
<item><title>Network Security Podcast, Episode 316</title><description>2013-06-19 00:07:28 - Network Security Podcast : After a week off, Rich and Zach take the helm again to discuss anything-other-than-PRISM-NSA-SNOWDEN-SECURITY-GOVERNMENT-SURVEILLANCE-OMG-gate. Network Security Podcast, Episode 316, June 18, 2013. Time: 33:35. Show notes: Scores of vulnerable SAP deployments uncovered; Zamfoo Critical Security Vulnerabilities - They Don't Seem To Care; Zeus Money Mule Recruiting Scam Targets Job Seekers; 37 critical Java holes to ...</description><link>http://www.secuobs.com/revue/news/452200.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/452200.shtml</guid></item>
<item><title>Java 7 update 25 released http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html, (Tue, Jun 18th)</title><description>2013-06-18 23:24:50 - SANS Internet Storm Center, InfoCON: green : (more)</description><link>http://www.secuobs.com/revue/news/452197.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/452197.shtml</guid></item>
<item><title>New in 4sysops forums: The hosted network couldn't be started; Accidentally sent email</title><description>2013-06-17 23:30:22 - 4sysops : Michael Pietroforte is a Microsoft Most Valuable Professional (MVP) with more than 28 years of experience in system administration. New in the 4sysops forum: "The hosted network couldn't be started" after "netsh wlan start hostednetwork". New in the 4sysops forum: Accidentally sent email. Copyright 2006-2013, 4sysops, Digital fingerprint: 3db371642e7c3f4fe3ee9d5cf7666eb0</description><link>http://www.secuobs.com/revue/news/451963.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451963.shtml</guid></item>
<item><title>Is the EU Network and Information Security Directive a bigger threat than Al Qaeda?</title><description>2013-06-17 19:03:40 - Security Bloggers Network : The focus should be on making it much easier to report attacks to those who will take action against predators and those who have aided and abetted them, not to regulators who will merely penalise the messenger. The only mandatory requirements should be on those to whom attacks are reported. This should include acting as a "first stop shop" and passing reports to those who may be in a better position to take action.</description><link>http://www.secuobs.com/revue/news/451900.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451900.shtml</guid></item>
<item><title>Network-based Malware Detection 2.0: Deployment Considerations</title><description>2013-06-17 18:11:53 - Security Bloggers Network : As we wrap up Network-based Malware Detection 2.0, the areas of most rapid change have been scalability and accuracy. That said, getting the greatest impact on your security posture from NBMD requires a number of critical decisions. You need to determine how the cloud fits into your plans. Early NBMD devices evaluated malware within the device (on-box sandbox), but recent advances and new offerings have moved some or all the analysis to cloud compute farms. You also need to figure out whether to deploy the device inline, in order to block malware before it gets in. Blocking whatever you can may sound like an easy decision, but there are trade-offs to consider - as there always are.

To Cloud or Not to Cloud?
-------------------------
On-box or in-cloud malware analysis has become one of those religious battlegrounds vendors use to differentiate their offerings from one another. Each company in this space has a 70-slide deck to blow holes in the competition's approach. But we have no use for technology religion so let's take an objective look at the options. Since the on-box analysis of early devices, many recent offerings have shifted to cloud-based malware analysis. The biggest advantage to local analysis is reduced latency - you don't need to send the file anywhere so you get a quick verdict. But there are legitimate issues with on-device analysis, starting with scalability. You need to evaluate every file that comes in through every ingress point unless you can immediately tell that it's bad from a file hash match. That requires an analysis capability on every Internet connection to avoid missing something. Depending on your network architecture this may be a serious problem, unless you have centralized both ingress and egress to a small number of locations. But for distributed networks with many ingress points the on-device approach is likely to be quite expensive. In the previous post we presented the 2nd Derivative Effect (2DE), whereby customers benefit from the network effect of working with a vendor who analyzes a large quantity of malware across many customers. The 2DE affects the cloud analysis choice two ways. First, with local analysis, malware determinations need to be sent up to a central distribution point, normalized, de-duped, and then distributed to the rest of the network. That added step extends the window of exposure to the malware. Second, the actual indicators and tests need to be distributed to all on-premise devices so they can take advantage of the latest tests and data. Cloud analysis effectively provides a central repository for all file hashes, indicators, and testing - significantly simplifying data management. We expect cloud-based malware analysis to prevail over time. But your internal analysis may well determine that latency is more important than cost, scalability, and management overhead - and we're fine with that. Just make sure you understand the trade-offs before making a decision.

Inline versus out-of-band
-------------------------
The next deployment crossroads is deciding where NBMD devices sit in the network flow. Is the device deployed inline so it can block traffic? Or will it be used more as a monitor, inspecting traffic and sending alerts when malware goes past? We see the vast majority of NBMD devices currently deployed out-of-band - delaying the delivery of files during analysis (whether on-box or in the cloud) tends to go over like a lead balloon with employees. They want their files (or apps) now, and they show remarkably little interest in how controlling malware risk may impact their ability to work. All things being equal, why wouldn't you go inline, for the ability to get rid of malware before it can infect anything? Isn't that the whole point of NBMD? It is, but inline deployment is a high wire act. Block the wrong file or break a web app and there is hell to pay. If the NBMD device you championed goes down and fails closed - blocking everything - you may as well start working on your resume. That's why most folks deploy NBMD out-of-band for quite some time, until they are comfortable it won't break anything important. But of course out-of-band deployment has its own downsides, well beyond a limited ability to block attacks before it's too late. The real liability with out-of-band deployment is working through the alerts. Remember - each alert requires someone to do something. The alert must be investigated, and the malware identified quickly enough to contain any damage. Depending on staffing, you may be cleaning up a mess even when the NBMD device flags a file as malware. That has serious ramifications for the NBMD value proposition. In the long run we don't see much question NBMD will reside within the perimeter security gateway. That's our term for the single box that encompasses NGFW, NGIPS, web filter, and other capabilities. We see this consolidation already, and it will not stop. So NBMD will inherently be inline. Then you get a choice of whether or not to block certain file types or malware attacks. Architecture goes away as a factor, and you get a pure choice: blocking or alerting. Deploying the device inline gives the best of both worlds and the choice.

The Egress Factor
-----------------
This series focuses on the detection part of the malware lifecycle. But we need to at least touch on preventative techniques available to ensure bad stuff doesn't leave your network, even if the malware gets in. Remember the Securosis Data Breach Triangle. If you break the egress leg and stop exfiltration you have stopped the breach. It's simple to say, but not to do. Everything is now encapsulated on port 80 or 443, and we have new means of exfiltration. We have seen tampering with consumer storage protocols (Google Drive/Dropbox) to slip files out of a network, as well as exfiltration 140 characters at a time through Twitter. Attackers can be pretty slick. So what to do? Get back to aggressive egress filtering on your perimeter and block the unknown. If you cannot identify an application in the outbound stream, block it. This requires NGFW-type application inspection and classification capabilities and a broad application library, but ultimately you should be able to take an egress default deny posture. This allows certain applications to send data out of your network, while everything else is blocked. As we discussed in Network-based Threat Intelligence, you can block traffic to known bad websites as well. You use a list of known malware sites and other places you don't want employees communicating with, and set your egress filter to block traffic to that IP blacklist. Of course keep in mind that this approach still has all the standard blacklist limitations, so you need to be selective about what you block (versus merely alerting), and keeping the list current can be challenging. Combining a whitelist of approved applications with a blacklist of bad locations can increase the effectiveness of egress filtering to stop exfiltration before it's too late. With that we put a bow on our NBMD 2.0 series. We will assemble this into a paper over the next few weeks, so if you have any last minute comments please let us know - and keep your eyes peeled for the final product. - Mike Rothman</description><link>http://www.secuobs.com/revue/news/451888.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451888.shtml</guid></item>
<item><title>More malware is traveling on P2P networks these days</title><description>2013-06-17 14:30:40 - Network World on Security : Hackers have found a devious new way to disseminate malware: They're using peer-to-peer networks.</description><link>http://www.secuobs.com/revue/news/451842.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451842.shtml</guid></item>
<item><title>Oracle Java pre-announcement: Upcoming JRE patch will plug 37 remotely exploitable holes. See http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html, (Mon, Jun 17th)</title><description>2013-06-17 13:11:19 - SANS Internet Storm Center, InfoCON: green : (more)</description><link>http://www.secuobs.com/revue/news/451825.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451825.shtml</guid></item>
<item><title>EiQ Networks Announces ThreatVue</title><description>2013-06-14 18:00:59 - Dark Reading   All Stories : New solution combines SIEM data with other critical security data </description><link>http://www.secuobs.com/revue/news/451489.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451489.shtml</guid></item>
<item><title>Mobile app explosion in Asia Pacific region demands more application-aware networks</title><description>2013-06-14 01:25:33 - Computer Security News :    The explosion of smartphone and mobile application usage is having a dramatic impact on network infrastructure requirements, as more users access networks via apps than the mobile web </description><link>http://www.secuobs.com/revue/news/451351.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451351.shtml</guid></item>
<item><title>Tenable Network Security Podcast Episode 173 - "VMware vCenter Patching, Detecting Vulnerable Browsers"</title><description>2013-06-13 22:26:39 - Security Bloggers Network</description><link>http://www.secuobs.com/revue/news/451329.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451329.shtml</guid></item>
<item><title>Neil Ledger appointed Chief Operating Officer of the Exclusive Networks group; Graham Jones to serve as national co-director of Exclusive Networks UK</title><description>2013-06-13 21:13:10 - Global Security Mag Online : Exclusive Networks Group, the pan-European "SuperVAD", has reinforced its aggressive growth strategy by appointing Neil Ledger to the new position of Chief Operating Officer, effective July 1. Alongside Ian Morris, Mr. Ledger has led Exclusive Networks UK since the acquisition of VADition in June 2011, and is behind an increase in its revenue, which reached more than 90 million euros in the last financial year. Graham Jones, former managing director of Integralis ... - Business</description><link>http://www.secuobs.com/revue/news/451317.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451317.shtml</guid></item>
<item><title>Network Security Management - it's all about Operational Efficiency</title><description>2013-06-13 19:50:59 - Security Bloggers Network : Juniper recently launched the next version of its security management offering, Junos Space Security Director. When we talk to our customers about what they expect from such a product, we hear time and time again that what matters most to them is: 1) Security management is easy, not burdensome. 2) Security management shouldn't hinder business operations. As a case in point, one of Juniper's Ambassadors shared his view of the latest Junos Space Security Director software release. Scott Ware, a Security Engineer who manages hundreds of SRX firewalls, shares the following: "I must say, with the 13.1 release I am extremely pleased and impressed. The added features/functionality in this release had even further been able to save us so much time when deploying all of our SRX Series Services Gateways, along with day-to-day functions. The ability to now import variable definitions is HUGE. I cannot tell you how happy I am that now all I have to do is import a spreadsheet instead of spend time manually defining everything." What Scott describes was made possible with the support in Junos Space Security Director 13.1 of read/write APIs, enabling automatic configuration of firewall policies. By using Junos Space Security Director to efficiently deploy security policies for multiple firewall devices (SRX Series Services Gateways), Scott and his co-workers are able to realize cost savings in the forms of time and labor. As they grow their network and add more firewall devices, they can rest assured that pertinent security policies will easily be applied to the new devices. Copyright 1996-2013 Juniper Networks, Inc. All rights reserved.</description><link>http://www.secuobs.com/revue/news/451295.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451295.shtml</guid></item>
<item><title>NCP engineering Examines VPNs and Network Security with TMCnet</title><description>2013-06-13 18:59:08 - Security Bloggers Network : When it comes to network security, IT administrators often miss the forest for the trees. Far too often, they focus on specific silos rather than how each component connects holistically, as Rainer Enders, NCP's CTO, Americas, mentioned to TMCnet at this year's Interop Las Vegas. For example, a VPN will keep your network safe from ...</description><link>http://www.secuobs.com/revue/news/451279.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451279.shtml</guid></item>
<item><title>July 2 - Conference organized by Exclusive Networks and its partners - Mobility/BYOD</title><description>2013-06-13 17:43:11 - Global Security Mag Online : - Events</description><link>http://www.secuobs.com/revue/news/451259.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451259.shtml</guid></item>
<item><title>iPhones can auto-connect to rogue Wi-Fi networks, researchers warn</title><description>2013-06-12 18:35:51 - Ars Technica   Risk Assessment : Attackers can exploit behavior to collect passwords and other sensitive data </description><link>http://www.secuobs.com/revue/news/451003.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451003.shtml</guid></item>
<item><title>Survey: Application Connectivity Bottlenecks Stem From Disconnect Between Application Owners And Network Managers</title><description>2013-06-12 18:11:27 - Dark Reading - All Stories : Tufin research shows network security teams deploy applications based on incomplete or inaccurate connectivity data.</description><link>http://www.secuobs.com/revue/news/451000.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/451000.shtml</guid></item>
<item><title>Network-based Malware Detection 2.0: The Network's Place in the Malware Lifecycle</title><description>2013-06-12 01:14:23 - Security Bloggers Network : As we resume our Network-based Malware Detection (NBMD) 2.0 series, we need to dig into the malware detection/analysis lifecycle to provide some context on where network-based malware analysis fits in and what a NBMD device needs to integrate with to provide protection against advanced threats. We've already done exhaustive research on the malware analysis process. The process diagram below was built as part of the Malware Analysis Quant research initiative.
[Figure: Malware Analysis Quant - Process Map v3]
Looking at the process, NBMD provides the analyze malware phase of activities, including building the testbed, static analysis, various dynamic analysis tests, and finally packaging everything up as part of a malware profile. All of these functions happen either on the device or in some cloud-based sandbox to analyze the malware files. That's the reason scalability is so important, as we discussed in the last post. You basically need to analyze every file that comes through, since you don't want to wait for an employee's device to be compromised before you start the analysis process. There are some other aspects of this lifecycle that bear mentioning:
- Ingress analysis is not enough: As much as we believe in the importance of detecting (and blocking) malware on the perimeter, no NBMD capability will be 100% accurate and catch everything. You'll need other controls on the endpoint and to supplement that with aggressive egress filtering.
- Intelligence drives accuracy: With the speed malware evolves and the new tactics emerging from adversaries, the analysis techniques used on the analysis devices need to evolve as well. This requires a concerted and significant investment in threat research and intelligence sharing to keep pace.
[Figure: The Securosis Data Breach Triangle]
Prior to digging in to these two points, let's point out some other relevant research we've done on these topics to provide additional context. The Securosis Data Breach Triangle shows that you have a number of opportunities to interrupt a data breach. You can either protect the data (very hard), detect/stop the exploit, and/or catch data via egress filtering. Any one of these successful activities stops a data breach. And since putting all of your eggs in one basket is ill-advised, you're best suited to work towards all three. Getting into more specifics about detecting/stopping the exploit, you can refer to our recent CISO Guide to Advanced Attackers, where our post Breaking the Kill Chain is very applicable to the activity required to stop an attack. Remember, even if a device is compromised, until critical data is exfiltrated it's not a breach. The best case is to detect the malware before it hurts anything (and why NBMD is a very interesting technology to do this), but you'll also need to rely heavily on your incident response process to ensure you can contain the damage of the imminent attack.

Ingress Accuracy
----------------
As with most detection activities, accuracy is critical. A false positive, where you flag a file incorrectly as malware, interrupts work and consumes resources investigating a malware outbreak that never happened. Obviously you want to avoid these, putting a premium on accuracy. Similarly damaging is the false negative, where you basically miss detecting malware and letting it through. So how can you verify the accuracy of the NBMD device? There is no accepted detection accuracy benchmark available, so you'll need to do some homework. Start by asking tough questions of the vendor providing the device to understand their threat intelligence and threat research capabilities. Read their threat research reports and decide if they are on the leading edge of research, or just a fast follower using other company's research innovations. Security research provides the content used in the analysis of malware samples on the device (or in the cloud). So you need to understand the depth and breadth of a potential vendor's research capability. Dig deep and understand how many researchers they have focused on malware analysis. Learn how they aggregate the millions of samples in the wild and isolate patterns using fancy terms like big data analytics. Scrutinize how they take that research and turn it into detection rules and tests on the devices. You'll also want to understand how the vendor shares information with the broader security research community. No one company can do it all, so while you want leadership and to see serious investment in research, you also need to understand how they collaborate with other groups and what alternative data sources they leverage in their analysis. For particularly advanced malware samples, do they have a process to undertake manual analysis of the sample? You need to be particularly sensitive to research diversity. Many NBMD devices use the same handful of threat intelligence services to populate their devices. That doesn't really provide you with the diversity of intelligence to detect fast moving, advanced attacks. Make sure you check out some of the lab tests of the devices to ensure comparable accuracy. These tests are flawed, since it's not possible to truly model a real world environment using live ammunition, but the tests can be helpful to get an apples to apples comparison between devices.

The 2nd Derivative Effect
-------------------------
As part of a proof of concept, you may also want to route your ingress traffic to 2 or 3 of the devices, deployed as simple monitors to both test comparative accuracy and scalability of the devices on your real traffic. That's usually a pretty good indicator of how well the device will perform once deployed. Finally, you'll want to leverage "The 2nd Derivative Effect" (2DE) of malware analysis. When new malware is found, profiled, and determined to be bad, there is an opportunity to inoculate all of the devices in use. This involves uploading the indicators, behaviors, and rules to identify and block the malware on the way in to a central repository and then distributing that intelligence back out to all devices. The network effect in action here. The more devices in use, the more likely the malware will show up somewhere and be profiled, and the more likely you'll have protection before it hits you. Not always, but this is as good a bet as any. Unfortunately it sucks to be the first company infected because you'll miss the attack on the way in. But everyone else in the network will benefit from your misfortune. This ongoing feedback loop requires extensive automation (with clear checks and balances to reduce bad updates) to accelerate the distribution of these new indicators to devices in the field.

Plan B (when you're wrong)
--------------------------
As mentioned above, you will be wrong and malware will get through your perimeter. That means you will have to rely on the other security controls in use within your environment. When they fail, you'll want to make sure you don't get popped by the same attack over and over again. This requires some level of integration between the NBMD device and the other controls deployed in your environment (including endpoint protection) to block indicators discovered through your incident response at the perimeter. Remember, advanced malware detection requires an integrated and coordinated response within multiple levels of security controls. Finally, you need to ensure proper egress filtering (to potentially break the third leg of the Data Breach Triangle - exfiltration) when deploying the device. But we don't want to get the cart in front of the malware horse here, and we'll defer this discussion to our next post when we talk about deployment options and choosing rules for both the ingress and egress protection. - Mike Rothman
</description><link>http://www.secuobs.com/revue/news/450870.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450870.shtml</guid></item>
<item><title>Security Week Article: Next Generation Mobile Networks Come with Next Generation Security Threats</title><description>2013-06-11 18:31:12 - Security Bloggers Network : This past weekend, Security Week ran a byline I wrote regarding Long Term Evolution (LTE). Although this brings the promise of relieving traffic jams for mobile operators, it also brings new security risks. As traffic generated by smartphones grows, LTE networks' fast mobile broadband will assist handling the increased traffic. However, mobile operators will have </description><link>http://www.secuobs.com/revue/news/450770.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450770.shtml</guid></item>
<item><title>Prove You're Watching 100% of your Network</title><description>2013-06-11 17:40:10 - Security Bloggers Network : How hard is it for you to prove that you are performing vulnerability scans, network monitoring and log analysis for 100% of your network? If your organization hasn't automated this process, or it is relying on periodic manual processes, chances are you are blind in some areas and don't know it.</description><link>http://www.secuobs.com/revue/news/450746.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450746.shtml</guid></item>
<item><title>Sourcefire boosts network security with greater FirePOWER</title><description>2013-06-11 14:09:00 - Computer Security News :    Security specialist Sourcefire has announced enhancements to its FirePOWER network security platform </description><link>http://www.secuobs.com/revue/news/450696.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450696.shtml</guid></item>
<item><title>Fortinet® Advances Its Network Security Platform With New Enterprise Firewall Capabilities</title><description>2013-06-11 11:42:31 - Computer Security News : The new update includes "Feature Select": With one-click, customers can choose from a variety of security configuration options, including High Speed Firewall, NGFW, ATP, Web Filtering, UTM and others. Eric Ahlm, research director at Gartner, commented: "Security buyers may seek a combination of firewall options, such as NGFW, unified threat </description><link>http://www.secuobs.com/revue/news/450658.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450658.shtml</guid></item>
<item><title>ACS Deploys Industry's First Mobile Monitoring Probes for Field Area Network Security and Operation</title><description>2013-06-11 07:48:32 - Computer Security News :    Applied Communication Sciences today announced the release and first deployment of its innovative mobile Field Area Network monitoring probes for utility Smart Grid security monitoring and operations of Advanced Metering Infrastructure and Distribution Automation networks </description><link>http://www.secuobs.com/revue/news/450642.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450642.shtml</guid></item>
<item><title>Palo Alto Networks Brings WildFire To The Private Cloud</title><description>2013-06-10 21:40:16 - Dark Reading   All Stories : Palo Alto Networks WF-500 appliance offers sandbox detection and analysis capabilities </description><link>http://www.secuobs.com/revue/news/450559.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450559.shtml</guid></item>
<item><title>Fortinet Advances Its Network Security Platform With New Enterprise Firewall Capabilities</title><description>2013-06-10 19:55:18 - Dark Reading   All Stories : Unveils new features within FortiOS 5 operating system </description><link>http://www.secuobs.com/revue/news/450542.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450542.shtml</guid></item>
<item><title>Digital photography and social networking anti-forensics</title><description>2013-06-10 07:59:58 - Integriography: A Journal of Broken Locks, Ethics, and Computer Forensics : I attended a superb class on OSINT the other week. One of the topics covered using geolocation data in digital photographs found on social networking sites to gather intelligence on suspects. Geolocation is all the rage, and numerous complaints and even lawsuits have been directed towards companies collecting and (mis)using geolocation data. Despite this, the </description><link>http://www.secuobs.com/revue/news/450385.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450385.shtml</guid></item>
<item><title>Raley's warns customers after network attacked</title><description>2013-06-09 20:57:08 - Office of Inadequate Security : Katie Nelson reports: The Raley's supermarket chain warned customers Thursday that part of the company's </description><link>http://www.secuobs.com/revue/news/450309.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450309.shtml</guid></item>
<item><title>Forums and other social networking to complete</title><description>2013-06-08 12:23:26 - securitystream.info : With a whole world now devoted to main changes, usually the best breaking get free microsoft points here thing to ones own representation when attempting to find job will be your very own levels using the web Increasing numbers of corporations are utilizing Facebook, Google </description><link>http://www.secuobs.com/revue/news/450188.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450188.shtml</guid></item>
<item><title>Introduction to Security and Network Forensics: Network Forensics</title><description>2013-06-08 10:01:26 - SecurityTube.Net : Network Forensics: Understand some of the methodologies used in network forensics. Provide an in-depth understanding of the key network protocols, including IP, TCP, ARP, ICMP, DNS, Application Layer protocols and so on. Define a range of audit sources for network activity.</description><link>http://www.secuobs.com/revue/news/450177.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/450177.shtml</guid></item>
<item><title>SyScan'11 Singapore: Telecom Signaling attacks on 3G and LTE networks from SS7 to all-IP, all open</title><description>2013-06-07 10:06:19 - SecurityTube.Net : In this video Philippe Langlois from P1 Security, Inc. presents Telecom Signaling attacks on 3G and LTE networks. Telecom Security Intro: SIP, PBX. Periphery, customer side. Long gone world of blue box. Sometime hear about "Roaming frauds". Rarely hear the core network horror stories.</description><link>http://www.secuobs.com/revue/news/449983.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449983.shtml</guid></item>
<item><title>Raspberry Pi Networking Workshop at EYEBEAM  piday  raspberrypi  Raspberry_Pi</title><description>2013-06-07 09:43:08 - adafruit industries blog : This weekend Eyebeam alum Sarah Grant is holding a workshop called "Creating Your Own Subnode: Networking with the Raspberry Pi and Node.js". Learn how to create your own offline local area network for anonymous communication with those around you. In this workshop, you will </description><link>http://www.secuobs.com/revue/news/449978.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449978.shtml</guid></item>
<item><title>Tenable Network Security Podcast Episode 172 - Web Interface Command Execution, HTTP Error Codes</title><description>2013-06-06 17:15:58 - Security Bloggers Network :</description><link>http://www.secuobs.com/revue/news/449828.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449828.shtml</guid></item>
<item><title>Securing your Network with Alien "Powers"</title><description>2013-06-06 14:36:45 - CYBER ARMS - Computer Security : Have you ever wished for some supernatural powers to secure your organization? Perhaps longing for some extraterrestrial abilities to defend your sensitive data, or hoped to get help from outer space to get you through that compliance project? Meet John Powers, the CISO so good at securing his network that co-worker Clint knows that there </description><link>http://www.secuobs.com/revue/news/449801.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449801.shtml</guid></item>
<item><title>'Blame us', Turkish hacker network RedHack advises arrested Twitter users</title><description>2013-06-06 14:33:09 - Computer Security News : Turkish hacker network RedHack gave tips to protesters to avoid being charged with "sharing provocative messages" on social media, as 29 people were detained for their tweets relating to the Taksim Gezi Park protests on June 5. If these tips failed to work, </description><link>http://www.secuobs.com/revue/news/449800.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449800.shtml</guid></item>
<item><title>Microsoft, US feds disrupt Citadel botnet network</title><description>2013-06-06 13:39:44 - Network World on Security : Microsoft and the US Federal Bureau of Investigation have taken aim at a botnet network based on malware called Citadel that is held responsible for stealing people's online banking information and personal identities </description><link>http://www.secuobs.com/revue/news/449787.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449787.shtml</guid></item>
<item><title>Aruba Networks: For the IT professionals of 2020, communication will matter more than technical skill</title><description>2013-06-06 11:06:26 - Global Security Mag Online : The future of information technology will be shaped by BYOD (the use of personal electronic devices for professional purposes), the cloud and virtualization, with a corresponding transformation of the role of CIOs. According to a new study published by Aruba Networks, CIOs will stop being technicians and become communicators at the heart of the business. Professional IT staff thus believe, by an overwhelming majority of 89%, that the    - Investigations </description><link>http://www.secuobs.com/revue/news/449747.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449747.shtml</guid></item>
<item><title>Network Vulnerability Scanning in Today's Networks</title><description>2013-06-06 06:45:22 - Security Bloggers Network : In the mid-nineties, I used to have a technology column that ran in the Intranet of the bank where I started my career. The first article introduced the concept of the DMZ and suggested using the 3rd network interface of the Servers hosting our half-a-dozen brand new TIS Gauntlet Firewalls. The idea was not particularly </description><link>http://www.secuobs.com/revue/news/449713.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449713.shtml</guid></item>
<item><title>Practical Tips to Improve Network Security with What You Already Have - Part 2 of 2</title><description>2013-06-05 18:41:26 - Security Bloggers Network : In our first blog on improving network security with what you already have, we examined some tips around logging for certain types of alerts as well as tips to detect bad guys in the network. But we saved the best for last: the IPS and firewall. The post Practical Tips to Improve Network Security with What You Already Have - Part 2 of 2 appeared first on Security Management at the Speed of Business - AlgoSec Blog.</description><link>http://www.secuobs.com/revue/news/449562.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449562.shtml</guid></item>
<item><title>Palo Alto Networks offers an appliance for detecting, analyzing and preventing APT threats in private cloud environments</title><description>2013-06-05 15:51:41 - Global Security Mag Online : Palo Alto Networks, a network security specialist, has announced the availability of the Palo Alto Networks WF-500 appliance, the very first platform designed to deliver a private cloud solution for fast, comprehensive detection, analysis and prevention of advanced persistent threats (APT, Advanced Persistent Threats). Designed specifically to meet the needs of customers whose regulatory obligations prevent access to public cloud infrastructure, the Palo Alto appliance    - Products </description><link>http://www.secuobs.com/revue/news/449512.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449512.shtml</guid></item>
<item><title>EU Wants To Enshrine Network Neutrality In Law</title><description>2013-06-05 10:32:11 - Slashdot  Your Rights Online : Bismillah writes "Following the example of the Dutch, who enacted laws supporting network neutrality, the European Union is now looking at doing the same. They are pushing for an end to the throttling and blocking of services such as Skype and Whatsapp by providers hoping to drive users to their own competing services. The EU also wants a service transparency requirement for ISPs, so people know what they're buying, like minimum speed. It'll be interesting to see how this pans out."</description><link>http://www.secuobs.com/revue/news/449444.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449444.shtml</guid></item>
<item><title>Network Security Podcast, Episode 315</title><description>2013-06-05 02:12:59 - Network Security Podcast : By the grace of the Flying Spaghetti Monster, Rich and Zach pull off something resembling a podcast without their fearless, soon-to-be-expat leader Martin. Somewhere between the rants and the lolz lie some actual stories and content. Network Security Podcast, Episode 315, June 04, 2013. Time: 41:30. Show notes: Why we need to stop cutting </description><link>http://www.secuobs.com/revue/news/449379.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449379.shtml</guid></item>
<item><title>Plugging network leaks</title><description>2013-06-04 14:18:13 - Network World on Security : Plugging network security leaks is an essential responsibility for companies, private organizations and technology professionals Achieving that goal requires discovery tools that scour every asset, including those not currently under management, and also map connectivity between institutions involved with an organization's sensitive information around IT compliance, corporate security, product development, critical infrastructure protection and other relevant issues </description><link>http://www.secuobs.com/revue/news/449239.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449239.shtml</guid></item>
<item><title> The rise of the Koobface social networking worm</title><description>2013-06-04 11:19:39 - Help Net Security   News : A new McAfee Labs report shows a significant spike in instances of the Koobface social networking worm and a dramatic increase in spam McAfee Labs also saw continued increases in the number and compl </description><link>http://www.secuobs.com/revue/news/449210.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449210.shtml</guid></item>
<item><title>Social networks hot targets for hackers  McAfee</title><description>2013-06-04 05:24:17 - Computer Security News :    McAfee Labs on Monday reported a surge early this year in malicious software aimed at stealing passwords at social networks such as Facebook and Twitter </description><link>http://www.secuobs.com/revue/news/449145.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449145.shtml</guid></item>
<item><title>TechEd2013   Network Virtualization   Cloud Solutions</title><description>2013-06-04 03:50:27 - Security Bloggers Network : I chat with Jeff Bellamy, F5 Director Business Development, about the new F5 network virtualization and cloud solutions announced at Microsoft's North America TechEd. We discuss the F5 Microsoft Partnership along with the benefits customers realize in combining F5 application delivery services with the flexibility of Microsoft Windows Server 2012 and System Center 2012 offerings. F5 </description><link>http://www.secuobs.com/revue/news/449135.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449135.shtml</guid></item>
<item><title>Does Monitoring Social Networks for Keywords a la the DHS Work?</title><description>2013-06-03 19:55:14 - Security Bloggers Network : Last week it looks like Electronic Privacy Information Center (EPIC), through a Freedom of Information Request (FOIA), forced the Department of Homeland Security (DHS) to release a list of keywords used to monitor social networks. The keywords are divided into groups for Domestic Security, HAZMAT &amp; Nuclear, Health Concern + H1N1, Infrastructure Security, Southwest Border Violence, Terrorism, Weather/Disaster/Emergency, and last but not least, Cyber Security. The Cyber Security list included some interesting ones, including "Cyber Security" itself along with "Phreaking" (what is this, the '70s?), "Social media" (really? nothing to do with infosec there), and "Cyber Command". And of course the list includes a new acronym called DDOS (note the capital "O") that spells out to "dedicated denial of service". I've heard that "dedicated" attacks are even worse than the distributed ones. The list: Cyber security, 2600, Hacker, Botnet, Spammer, China, DDOS (dedicated denial of service), Phishing, Conficker, Rootkit, Worm, Denial of service, Phreaking, Scammers, Malware, Cain and abel, Social media, Virus, Brute forcing, Trojan, Mysql injection, Keylogger, Cyber attack, Cyber Command, Cyber terror. Personally, I do not see keyword monitoring lists working too well. The signal-to-noise ratio would just be too low. It's just another form of blacklisting and </description><link>http://www.secuobs.com/revue/news/449082.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449082.shtml</guid></item>
<item><title>5 Ways to Improve Your Network Infrastructure's Performance</title><description>2013-06-03 19:55:14 - Security Bloggers Network : While network performance challenges are often addressed by adding additional bandwidth, there are ways to yield more "good-put" (good net payload throughput) out of the same network infrastructure. In this blog post, I'll discuss five improvements related to how a good application delivery solution can help. 1. It's in the protocol: The 30-year-old TCP (Transmission </description><link>http://www.secuobs.com/revue/news/449081.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449081.shtml</guid></item>
<item><title>Tenable Network Security Podcast Episode 171 - Nessus Targeted Email Reports, Outstanding Patch Reports</title><description>2013-06-03 15:30:21 - Security Bloggers Network :</description><link>http://www.secuobs.com/revue/news/449037.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/449037.shtml</guid></item>
<item><title>Network-based Malware Detection 2.0: Scaling NBMD</title><description>2013-05-31 23:58:08 - Security Bloggers Network : As we return to the Network-based Malware Detection (NBMD) 2.0 series, we've already covered how the attack space has changed over the past 18 months, and how you can detect malware on the network. Now let's turn our attention to yet another challenge for this quickly evolving technology, and that's scalability. Much of this scale problem has to do with the increasing sophistication of both the attackers and the tools they are using. Even unsophisticated attackers can use pretty sophisticated malware purchased on the Internet. There is clearly a market for packaged malware, and there are folks capitalizing on that market. Market-based economies are a double-edged sword, eh? And that doesn't even factor in advanced attackers, who routinely discover and weaponize 0-day attacks to gain a foothold in their victim's network. This adds up to scalability being one of the top requirements of a network-based malware detection device. To get a little more specific, why is it hard to scale up this capability? Let's examine a few of the issues: 1. Operating systems: Unless you have a homogeneous operating system environment, you need to test each malware sample against numerous vulnerable operating systems. So it becomes a one-to-many testing requirement, meaning for every malware sample, you'll need to spin up 3-4 (if not more) virtual machines running different operating systems to adequately test the file. 2. VM-awareness: Even better, the attackers now check whether the file is executing within a virtual machine. If so, the malware either goes dormant or waits for a couple of hours, assuming the sandbox test will time out and the file will be determined to be safe. Thus to fully test malware, the sandbox needs to let the malware cook for a little while to catch VM-aware samples. So not only are you spinning up multiple VMs, you need to let them run for a 
while. Yes, this is very resource intensive. 3. Network impact: Analyzing malware isn't just about determining the file is malicious. You also need to understand how the malware uses the network to connect to command and control infrastructure, as well as do internal reconnaissance for lateral movement. That requires watching the network stack on every VM and parsing the network traffic patterns. 4. Analyze everything: You can't restrict your heavy analysis to only files that look bad, based on simple file characteristics. With the advanced obfuscation techniques in use today, you need to analyze ALL unknown files. Given the number of files entering a typical enterprise network daily, you can see how the analysis requirements can scale up pretty quickly. So as you can see, the computing requirements to fully test inbound files are significant and grow exponentially. To be clear, there is nothing saying you need to do analysis on all of the files. You could certainly make a risk-based decision to not detect VM-aware malware, and just make an instant determination. You could decide not to analyze documents or spreadsheets with active macros. You could not worry about the network characteristics of the malware. All of these are legitimate options to allow a network-based malware detection device to scale without adding a lot more iron. But with each compromise, you weaken your ability to detect the malware. Everything gets back to managing risk for your organization, so we didn't want to just ignore the fact that you don't have to test for everything. We just don't think skipping tests is a very good idea. Scaling the Malware Analysis Mountain ------------------------------------- Historically, the answer to most scaling problems has been to add more computing power, which usually means more boxes and/or bigger boxes. The vendors selling boxes love that answer, by the way. Enterprise customers, not so much. When dealing with malware detection, scaling by adding boxes introduces two 
significant issues. One is cost. We aren't just referring to the cost of the product; don't forget that each box requires a threat update subscription and annual maintenance. The second is the increasing operational cost of managing more devices. Setting policies on multiple boxes can be challenging, and ensuring each device is operational, configured properly, and patched creates more overhead. You also need to keep each device within the farm up to date. New malware indicators appear pretty much daily, and those need to be loaded to each device to ensure defenses and the inspection algorithms that run on the devices remain current. It seems that we've seen this movie before. There was a time when organizations ran anti-spam devices within their own networks, using enterprise-class (meaning expensive) equipment. When the volume of spam mushroomed, the enterprise would need to add more devices to keep up with the compute requirements to analyze all the inbound mail and keep the email flowing. Again, this was great for the vendors, but made customers pretty cranky. Can you see the similarities to the issues around network-based malware detection? We won't keep you in suspense: the anti-spam story ends in the cloud. Organizations realized they could make scaling someone else's problem by using a managed email security service. So they did, en masse. This put the onus on the provider to keep pace with the flood of spam and to keep the devices operational and updated appropriately. We expect a similar end to the NBMD game. We understand many organizations have already committed to deploy on-premise devices. If you are one of them, then you need to figure out how to scale the existing infrastructure. This involves both relying on central management from your vendor and a clear operational process to update the devices daily. At this point, the customer-premise NBMD devices are mature enough to have decent central management capabilities, allowing you to configure 
policies and deploy updates to the devices running throughout the enterprise. Keeping the devices up to date will require a strong operational process. Some vendors offer the ability to have each device phone home and automatically download updates. Or you could use the central management console to update all of the devices. Either way, you'll want to have some manual oversight on policy updates, as many organizations remain uncomfortable with having policies and other device configurations managed and changed by a vendor (or service provider). These concerns exist with good reason: although it doesn't happen often, when an endpoint protection provider bungles a signature update, it can brick devices. Obviously a network device isn't going to brick devices, but it can block the flow of critical external traffic. Either outcome impacts your organization's ability to do business. As we mentioned above, we believe many organizations will increasingly consider cloud-based analysis engines, used in tandem with a customer-premise device acting as an enforcement point, providing the collection and blocking capabilities. This means scaling up the infrastructure isn't the organization's concern anymore, nor is keeping the devices up to date, as these issues are handled by the provider in the background. That being said, an organization cannot outsource accountability, so you'll need to ensure both the accuracy of detection (which we'll discuss in the next post) and reasonable turnaround to get a determination on unknown malware samples. So make sure you bake this kind of oversight into your processes. Another benefit of the cloud-based approach is the ability to share intelligence, which basically means any malicious file found in any protected customer network can then be used by every other company in the network. This provides tremendous leverage, especially to smaller organizations, given that any security provider is going to see a lot more malware files than the typical enterprise 
organization. Benefiting from others' misfortune makes good business sense, at least when talking about threat intelligence. Cloud Concerns -------------- As great as this cloud stuff sounds, there are some legitimate concerns with using cloud-based malware analysis. Let's start with latency. Since the laws of physics have not been overturned, it takes time to send a malware file to the cloud, have it analyzed, and then have a determination sent back to the device. This adds a window of potential exploit that must be managed. Basically you need to make an organizational decision about whether to hold the file until a determination is made, or whether to let it go and clean up the mess if the file turns out to be malicious. In reality, our research indicates that users can be understanding if they are notified a potentially malicious file is undergoing analysis before being sent to the user. They don't want their devices to be compromised (assuming you've trained them as to why it's bad) and then have to be reimaged, causing them downtime, so we expect they'll largely accept a delay in delivery, as long as it's a reasonable delay. But to just add the latency without any kind of notification will result in a bunch of calls to the help desk as to why the network is so slow. That makes for unhappy help desk folks and even unhappier users. Remember, the key to success in most things involves effectively managing expectations. This is an opportunity to do so. Another issue is information sharing. Some environments (like military or other high-security situations) remain reluctant to share information and have malware sent outside of their corporate boundaries. These environments will never be comfortable with the cloud, so they basically must default to a customer-premise based option. We expect vendors espousing a cloud-based approach to eventually get religion about the need to address this use case and roll out a customer-prem option of their cloud technology. These malware-analysis 
private clouds provide a central analysis device and interact with enforcement points throughout the network. This provides the leverage of not having to deploy NBMD devices at all ingress points, as well as facilitating internal sharing of intelligence. You'd also expect the vendor to provide a one-way update of new indicators to the customer-premise device. In fact, we'd expect customer-premise based vendors to adopt a hybrid approach (moving some capabilities to the cloud) as well, since there is no way a smaller company can afford to deploy big expensive hardware in their environment, and malware attacks do not discriminate by size of company. But unbounded scalability doesn't really help if the device can't identify the malware. So in the next post, we'll talk about accuracy, as both false positives and false negatives create exposure for customers, and increasingly sophisticated attacks require an evolution in detection. - Mike Rothman </description><link>http://www.secuobs.com/revue/news/448847.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448847.shtml</guid></item>
<item><title>Bypass MAC filtering on a Wireless Network</title><description>2013-05-31 07:05:03 - SecurityTube.Net : In this video you will learn how to bypass MAC filtering on a wireless network. We are using MAC filtering to make our connection more secure, so that only particular selected users can join our network, but the funny fact is that using Aircrack-ng we can also see the MAC addresses of the connected users. What next? We just need to change the MAC address using some MAC changer utility, and then we can access the network if we have the correct password.</description><link>http://www.secuobs.com/revue/news/448700.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448700.shtml</guid></item>
<item><title>Latest Accton partnership raises bar on global network security</title><description>2013-05-31 06:07:27 - Computer Security News : TAIPEI, Taiwan, May 30, 2013 /PRNewswire via COMTEX/ -- Wedge Networks joins forces to offer radical Security Operations Cloud. A strategic partnership between Accton Technology and leading Canadian network security specialist Wedge Networks was signed today and will be formally announced in a press reception on Wednesday, June 5th, at 2:00pm in the </description><link>http://www.secuobs.com/revue/news/448691.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448691.shtml</guid></item>
<item><title>Windows 8.1 unveiled - New 4sysops forum features - Change the network profile for an Unidentified network</title><description>2013-05-31 00:39:52 - 4sysops : Michael Pietroforte is a Microsoft Most Valuable Professional (MVP) with more than 28 years of experience in system administration. New in the 4sysops forums: How to change the network profile for an Unidentified network. New features in the 4sysops forums: Tapatalk support (iOS, Android), WYSIWYG editor, image uploads. Windows 8.1 </description><link>http://www.secuobs.com/revue/news/448673.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448673.shtml</guid></item>
<item><title>Tony King named vice president of international sales at Arbor Networks</title><description>2013-05-30 12:50:34 - Global Security Mag Online : Arbor Networks Inc. announces the appointment of Tony King as vice president of international sales. Tony King was until now vice president and general manager of Arbor Networks EMEA. His new role will cover developing and implementing the company's sales strategy as well as relationships with distribution channels and partners worldwide. Before joining Arbor Networks nearly ten years ago, Tony King was sales director at Avici, for the    - Business </description><link>http://www.secuobs.com/revue/news/448521.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448521.shtml</guid></item>
<item><title>Akamai presents the new services of the Aura Network Solutions suite</title><description>2013-05-29 17:33:33 - Global Security Mag Online : Akamai Technologies, Inc. announces the launch of Aura Lumen and Aura Spectra. They incorporate the OCDN solutions (licensed content delivery for network operators) of the Aura Network Solutions suite. Taking into account operators' specific needs when deploying CDN solutions, the Aura Network Solutions suite comprises two distinct OCDN product lines: Aura Lumen (licensed CDN) and Aura Spectra (CDN in SaaS mode). They maximize operators' flexibility    - Products </description><link>http://www.secuobs.com/revue/news/448342.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448342.shtml</guid></item>
<item><title>Do You Really Understand The Applications Flowing Through Your Network?</title><description>2013-05-29 17:02:53 - Security Bloggers Network : We live in the information age and threats against organizations' information infrastructure continue to increase. This is no surprise since the value of information stored by companies is great and information security professionals are in an uphill battle to protect this sensitive data, which is often housed behind vulnerable applications. There are several challenges that infosec professionals must address. The post Do You Really Understand The Applications Flowing Through Your Network? appeared first on Security Management at the Speed of Business - AlgoSec Blog </description><link>http://www.secuobs.com/revue/news/448334.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448334.shtml</guid></item>
<item><title>Tufin Talks 'Magic' in Network Security Abstraction</title><description>2013-05-29 16:57:35 - Fortinet Blog  News and Threat Research   All Posts : There's no shortage of reports on the latest network security breaches. Each incident holds its own valuable security lesson, but it's beneficial to recognize the incremental successes paving the way to progress. That's exactly what Reuven Harrison of Fortinet's solution partner Tufin did in a blog published last week. Tufin is a security lifecycle management solution provider working with large organizations to enhance their security, ensure business continuity and i </description><link>http://www.secuobs.com/revue/news/448329.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448329.shtml</guid></item>
<item><title>Cacti Network Monitoring tool</title><description>2013-05-29 06:13:44 - SecurityTube.Net : In this video you will learn how to use the Cacti tool for monitoring the network, and he will also show how to configure the Cacti tool on an Ubuntu machine. Using this tool you can monitor your system or server, so if some malicious connection is running you can easily catch that connection and block it permanently. Cacti: Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. </description><link>http://www.secuobs.com/revue/news/448228.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448228.shtml</guid></item>
<item><title>Network Security Podcast, Episode 314</title><description>2013-05-28 23:47:58 - Network Security Blog : Rich is still battling bugs of the "sickness" variety, so Martin and Zach get together for what will be Martin's last show for a while. As mentioned previously, he's moving across the pond Wocean to Sunny London soon, after his annual pilgrimage to Vegas and Bangkok.   Network Security Podcast, Episode 314, May 28, 2013. Time: 35:24    </description><link>http://www.secuobs.com/revue/news/448181.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448181.shtml</guid></item>
<item><title>The Network and Malware, Part Deux</title><description>2013-05-28 22:33:12 - Dark Reading   All Stories : Two analysts, one topic </description><link>http://www.secuobs.com/revue/news/448170.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448170.shtml</guid></item>
<item><title>The Network And The Malware</title><description>2013-05-28 16:51:21 - Dark Reading   All Stories : This is the first installment of a two-part series where Mike Rothman and Wendy Nather will tackle how to use the network for detection, monitoring and forensics of advanced malware </description><link>http://www.secuobs.com/revue/news/448087.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448087.shtml</guid></item>
<item><title>Video Series Available for Introduction to Security and Network Forensics</title><description>2013-05-28 16:04:06 - Information Security Today  Essential Information for Managing the Security of a Modern  Evolving En : Bill Buchanan, author of Introduction to Security and Network Forensics, has created a series of videos to accompany the textbook. There is a video for each chapter, as well as many of the labs. Still, you really should read the book. </description><link>http://www.secuobs.com/revue/news/448077.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448077.shtml</guid></item>
<item><title>The Network and The Malware, Part 1</title><description>2013-05-28 16:01:07 - Dark Reading   All Stories :  In this two-part series, Mike Rothman and Wendy Nather will tackle how to use the network for detection, monitoring and forensics of advanced malware </description><link>http://www.secuobs.com/revue/news/448071.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/448071.shtml</guid></item>
<item><title>Introduction to Security and Network Forensics: Threats</title><description>2013-05-28 06:36:03 - SecurityTube.Net : In this video Bill Buchanan talks about Network Forensics - Threat Analysis. Threat Analysis: Understand the basic steps that an intruder might undertake in an intrusion. Provide a background in the usage of vulnerability scanning. Outline key current threats, and their operation. Provide practical skills in vulnerability analysis. </description><link>http://www.secuobs.com/revue/news/447968.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447968.shtml</guid></item>
<item><title>Arbor Networks evolves its Advantage Partner program</title><description>2013-05-27 12:37:09 - Global Security Mag Online : Arbor Networks Inc. announces a new implementation of its Advantage Partner program, including new certification tiers that let partners grow sales efficiently and generate more profit as they develop their business with its products. With four tiers (Authorized, Advantage, Premier, Elite), the 2013 Advantage Partner program is suited to partners' various business models. It makes it possible to better differentiate them on    - Business </description><link>http://www.secuobs.com/revue/news/447876.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447876.shtml</guid></item>
<item><title>Huawei urges need to protect E-Government services with greater network security in Saudi Arabia</title><description>2013-05-26 16:13:23 - Computer Security News :    Integrating the latest security solutions to E-Government platforms to facilitate business and citizen needs while ensuring the protection of their confidential data will be important for government entities should they want to improve network security and data protection, says Dong Wu, Vice President, Huawei Enterprise, Middle East </description><link>http://www.secuobs.com/revue/news/447794.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447794.shtml</guid></item>
<item><title>Episode 108 - What's New With Windows Azure Virtual Networking - Windows Azure Cloud Cover Show</title><description>2013-05-25 01:26:35 - Channel 9 : In this episode our special guest host, Haishi Bai, is joined by Yu-Shun Wang, Program Manager of Windows Azure Networking, who discusses the latest developments of Windows Azure Virtual Networks. Yu-Shun shows us the improved Site-to-Site connection and the new Point-to-Site connections. News and Links: Windows Azure's expansion in Australia; Visual Studio Live! event page; Haishi's Blog - Get a discount code for Visual Studio Live! </description><link>http://www.secuobs.com/revue/news/447664.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447664.shtml</guid></item>
<item><title>Petroleum Geo-Services relies on the low-latency network of BSO Network Solutions</title><description>2013-05-24 18:41:34 - Global Security Mag Online : Petroleum Geo-Services (PGS), a Norwegian oilfield services geophysics company for reservoir exploration and management, has entrusted BSO Network Solutions with deploying a custom, secure low-latency network between its data centers with 24/7 monitoring. Present in more than 25 countries, Petroleum Geo-Services offers a wide range of products and services covering seismic and electromagnetic exploration, data acquisition, processing, analysis and    - Business </description><link>http://www.secuobs.com/revue/news/447580.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447580.shtml</guid></item>
<item><title>Should we use Bayesian or Neural Networks for SAST? (yes, but not yet, we are not ready for it)</title><description>2013-05-24 17:09:51 - Dinis Cruz Blog : The super sharp OWASP Leader Johanna Curiel, while trying to get her head around the O2 Platform, asked me earlier today: "in your research, have you tried static code analysis using any form of artificial intelligence such as Bayesian or neural networks? Let me know; while I was studying, I was researching this stuff. I just would like to hear from you if you had any experience with this." The short answer is NO, I have not really looked at Bayesian or Neural Networks for SAST (Static Analysis). The longer answer is: we don't need it (yet), since there are many bigger limitations of the current SAST technology and tools, which we need to solve first before we look into that type of advanced analysis and techniques. That said, I do believe that Bayesian or Neural Networks have a bigger role to play in Static Analysis of code (SAST) and in modelling how an application behaves (especially from the point of view of security). But we are completely not ready for it, and we also don't have access to the computation power required. I have written many blog posts on what I think needs to happen in the SAST world and what the current limitations are. Here is a selection: What are the challenges with SAST that don't need a better engine?; In SAST the issue is 'Trace Connection', not 'Scan Size'; Why doesn't SAST have better Framework support (for example Spring MVC)?; We need Security-focused SAST/Static-Analysis rules; The Need for Standards to evaluate Static Analysis tools; What does SAST mean? And where does it come from?; CI is the Key for Application Security SDL integration; Integrating Security into the User's Gui - In this case Rational AppScan Source in AppScan Standard. Microsoft's Cat.NET related: Video: Real time Vulnerability Scanning using Cat.NET and Roslyn (SAST); Running Cat.NET SAST Scanner outside VisualStudio; What am I doing with Cat.NET?; ASP.NET Support in SAST and IBM F4F; Please show Ian Spiro your support for his IBM AppScan research, ideas and energy; Would I recommend Checkmarx as a SAST engine? </description><link>http://www.secuobs.com/revue/news/447560.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447560.shtml</guid></item>
<item><title> Killer apps  The performance of networked applications</title><description>2013-05-24 16:20:11 - Help Net Security   News : Ipanema Technologies and Easynet Global Services unveiled the results of Killer Apps 2013, a major study into the performance of networked applications Networking budgets are back on the rise   </description><link>http://www.secuobs.com/revue/news/447553.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447553.shtml</guid></item>
<item><title>Barracuda Networks acquires SignNow</title><description>2013-05-24 16:01:39 - Global Security Mag Online : Barracuda Networks Inc. has announced the acquisition of SignNow, a provider of document storage and electronic signature platforms. SignNow recently passed the one-million-user mark, thereby quadrupling its number of active users over the past twelve months, and counting more than 100,000 small businesses and more than half of the Fortune 500. SignNow has also passed three million digitally certified and signed documents,    - Business </description><link>http://www.secuobs.com/revue/news/447549.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447549.shtml</guid></item>
<item><title>Could the Bitcoin network be used as an ultrasecure notary service </title><description>2013-05-24 15:13:42 - Network World on Security : Manuel Araoz, a 23-year-old developer in Argentina, has an idea for Bitcoin that doesn't focus on money </description><link>http://www.secuobs.com/revue/news/447540.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447540.shtml</guid></item>
<item><title>9 super useful subreddits network pros should follow</title><description>2013-05-24 13:37:18 - Computer Security News : Reddit is not just filled with pictures of cats and silly memes. Seriously. There's a lot of good content on the popular social news aggregator for network professionals whether you're focused on security, Windows, VoIP, IPv6 or a mixed bag. </description><link>http://www.secuobs.com/revue/news/447525.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447525.shtml</guid></item>
<item><title>Tell UKIP that it holds the key to the future of EU Network, Information and Cyber security</title><description>2013-05-24 10:27:16 - Security Bloggers Network : This directive could be the touchstone because the vast majority of Internet users appear to agree that something must be done to improve on-line security. Unfortunately this is not the "something" that should be done. In the meantime make sure you respond to the BIS call for evidence so that, with luck, we can get the Directive re-written before the start of the inter-regnum. </description><link>http://www.secuobs.com/revue/news/447495.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447495.shtml</guid></item>
<item><title>Core network refresh drives 10GigE adoption</title><description>2013-05-23 20:10:42 - Security Bloggers Network : Network managers almost always respond "more bandwidth" when asked how they will handle a variety of new challenges, including increasingly sophisticated (and chatty) business applications, mobile device proliferation and new east-west traffic paradigms accompanying virtualization. This is reflected in the previous Networking Study's top reported project last year, which was a core network refresh. That    </description><link>http://www.secuobs.com/revue/news/447374.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447374.shtml</guid></item>
<item><title>Skyhigh Networks Launches With $20M From Sequoia</title><description>2013-05-23 18:48:44 - Dark Reading   All Stories : Round was led by Sequoia Capital </description><link>http://www.secuobs.com/revue/news/447356.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447356.shtml</guid></item>
<item><title>Juniper Networks unveils its Big Data analytics solution with Junos Network Analytics</title><description>2013-05-23 15:23:05 - Global Security Mag Online : Juniper Networks unveils Junos Network Analytics, a range of next-generation solutions for Big Data analysis and network intelligence that now includes the BizReflex and NetReflex products. Both products were developed in partnership with Guavus, one of the leading providers of Big Data solutions based on an innovative "analyze first" architecture that gives a better understanding of network behavior from the valuable insights drawn from patterns of    - Products </description><link>http://www.secuobs.com/revue/news/447312.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447312.shtml</guid></item>
<item><title>Barracuda Networks Acquires SignNow To Fuel Cloud Data Storage Growth</title><description>2013-05-23 15:19:31 - Dark Reading   All Stories : SignNow by Barracuda allows users to sign and send documents from anywhere or any device </description><link>http://www.secuobs.com/revue/news/447311.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447311.shtml</guid></item>
<item><title>Huawei reverse engineering: legacy and new network elements surprises</title><description>2013-05-23 12:57:12 - P1 Security : Sometimes, reverse engineering for bug hunting reveals some fun stuff. So of course, when you're dealing with Core Network elements such as Huawei MSC, MSC Proxy and SoftSwitch MSoftX 3000, you don't expect to find these Chinese ASCII arts of an octopus being killed by an angel.   We ca </description><link>http://www.secuobs.com/revue/news/447277.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447277.shtml</guid></item>
<item><title>BSidesLV Preview: The Object Monitor for Enhanced Network Security (OMENS)</title><description>2013-05-23 08:12:02 - Security Bloggers Network : Security BSides Las Vegas, which this year will be held at the Tuscany Suites &amp; Casino on July 31st - August 1st, is just around the corner, so we decided to run a short series highlighting some of the fantastic presentations that are slated for the event. First up is a session by  </description><link>http://www.secuobs.com/revue/news/447226.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447226.shtml</guid></item>
<item><title>Analysis of Blue Coat Acquisition of Solera Networks</title><description>2013-05-23 05:40:52 - Security Bloggers Network : Blue Coat acquires Solera Networks, resulting in a massive "huh?" Is there some bigger plan at work here? </description><link>http://www.secuobs.com/revue/news/447176.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447176.shtml</guid></item>
<item><title>Network-based Malware Detection 2.0: Evolving NBMD</title><description>2013-05-22 23:56:32 - Security Bloggers Network : In the first post updating our research on Network-based Malware Detection, we talked about how the attackers have evolved their tactics, even over the last 18 months, to defeat emerging controls like sandboxing and command and control (C&amp;C) network analysis. As the attackers get more sophisticated, the defenses necessarily must as well. So we're focusing this series on tracking the evolution of malware detection capabilities and addressing issues with early NBMD offerings like scaling, accuracy and deployment. But before we delve into that we need to revisit how the technology works in the first place. For a more detailed discussion, you can always refer back to the original Network-based Malware Detection paper, which provided a deeper explanation of the technology. Looking for Bad Behavior ------------------------ Over the past few years, malware detection moved from file signature matching to isolating behavioral characteristics of malware. Given the ineffectiveness of black list detection, it's become all the more important to be able to identify malware behaviors. So basically you can no longer judge the malware by what it looks like, and you need to actually analyze what the file does to determine if it's malicious. We discussed this behavioral analysis approach in Evolving Endpoint Malware Detection, and focused on how new approaches have made the technology far more effective by adding a contextual determination aspect to looking for attacks. You can read the other paper to get full descriptions of these kinds of tells that usually mean a device is compromised, but a simple list includes memory corruption/injection/buffer overflows, system file/configuration/registry changes, droppers, downloaders and other unexpected programs installing code, turning off existing anti-malware protections, and identity and privilege manipulation. Of course, this isn't a comprehensive list, rather a set of guidelines for the kinds of information you can search for on your devices to indicate possible compromise. A couple of other things you may look for include parent/child process inconsistencies, exploits disguised as patches, keyloggers, and screen grabbing. Just to be clear, we aren't saying that all of these behaviors are necessarily bad. But they may not be entirely good either. That's why you want to investigate where possible, before the outbreak has a chance to spread. The innovation of the first generation of NBMD devices was to run this kind of analysis on a perimeter-resident device. Basically these devices implemented a virtual farm of vulnerable devices running in a 19-inch rack. This provided a mechanism for exploding malware within the sandbox of the device and to look for the behaviors described above to determine a file was malware. Depending on the deployment model (inline or out of band), the device either fires an alert or can actually block the file from getting to the targeted device. It turns out the term sandbox is increasingly unpopular amongst security marketers for some unknown reason, but that's what it is. You basically execute the malware within a protected environment to see what it does and make a risk determination. Later in the series, we'll discuss different options for ensuring the sandbox capability scales to the needs of your network. Tracking the C&amp;C Malware Factory -------------------------------- The other aspect of network-based malware detection is identifying egress network traffic that shows patterns typical of the communication between the compromised device and a controlling entity. Advanced attacks start by compromising and gaining control of a device. Then the device establishes contact with the command and control (C&amp;C) infrastructure to receive a download with specific attacks and instructions on what to attack and when. In the Network-based Threat Intelligence paper, we dig pretty deep into the kinds of indicators you can look for that represent malicious activity on the network. Things like: Destination: You can track the destination of the network requests from all of the devices in your environment, enabling you to look for traffic heading to known bad places. This involves leveraging an IP reputation capability, which is basically a list of known bad IP addresses. Of course, IP reputation can be gamed, so combining it with DNS analysis to identify likely Domain Generation Algorithm (DGA) use (to find operational C&amp;C nodes) helps to eliminate the false positives. Strange times: If you have a significant burst of traffic (or volume of traffic) that is out of character for that specific device, for instance the marketing group doing SQL queries on the engineering databases, that's something that could indicate malicious behavior and should be investigated. File types, contents, and protocols: You can also learn a lot by monitoring all egress traffic, looking for things like large file transfers, non-standard protocols (encapsulated in HTTP or HTTPS), and weird encryption of the files. These edge cases don't necessarily mean a device is compromised, but it's not a good sign and warrants further investigation. User profiling: Beyond the traffic analysis described above, it's useful to profile the users and identify which applications they use and when. This kind of application-awareness can identify anomalous activity on the devices and at least give you a place to start investigating. Layers FTW ---------- We're focusing on network-based malware detection in this series, but it's not like we can forget the endpoint. In reality, the NBMD gateway will miss stuff. Hopefully not a lot of stuff, but the idea that you can keep your computing devices (endpoints and servers) clean remains naive. So you'll still need some protections on your endpoints, but you want the controls to work together at a minimum to ensure you have full protection regardless of whether the device is on the corporate network or not. This is where threat intelligence plays a role in making both the network and the endpoint malware detection capabilities smarter. You want a bi-directional line of communication, so malware indicators found via the network device (or within the cloud sandbox) are accessible by the endpoint agent. Additionally, you want malware identified on the devices to be sent to the network for further analysis, profiling, determination and ultimately the distribution of the indicators to other protected devices. This wisdom of crowds is a key aspect of fighting advanced malware. You may be one of the few, the lucky, and the targeted. No, it's not a new soap opera, it just means you'll see the interesting malware attacks first. You'll catch some and you'll miss others, and by the time you clean up the mess, you likely know a lot about what the malware does, how it does it, and how to detect it. Exercising good corporate karma, you have the opportunity to help other companies by sharing what you've found, even if it's shared anonymously. If you aren't necessarily a high profile target this information sharing model works even better, allowing you to benefit from the misfortune of the targeted. What you're trying to do is increase the chances that you'll catch the malware before it wreaks havoc. Or contain it soon thereafter, which requires a coordinated effort on the network and on the devices, all leveraging a threat intelligence capability to make the industry smarter. Now that you understand how these devices detect malware on the network, it's time to push our research forward, and that means addressing the scalability issues of the first generation of NBMD devices. We'll do that in next week's post. - Mike Rothman </description><link>http://www.secuobs.com/revue/news/447137.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447137.shtml</guid></item>
<item><title>Blue Coat Systems to acquire security analytics firm Solera Networks</title><description>2013-05-22 19:52:31 - Network World on Security : Blue Coat Systems, a provider of Web traffic filtering and business assurance products and services, plans to buy security analytics specialist Solera Networks, which uses data mining techniques to classify network traffic and detect potential security threats </description><link>http://www.secuobs.com/revue/news/447079.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447079.shtml</guid></item>
<item><title>Bit9 Introduces The Bit9 Connector For Palo Alto Networks, Enabling Integrated Real-time Endpoint And Network Security Solution For APTs</title><description>2013-05-22 17:59:12 - Dark Reading   All Stories : Solution combines network security with real-time, continuous endpoint and server monitoring and recording </description><link>http://www.secuobs.com/revue/news/447046.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447046.shtml</guid></item>
<item><title>Blue Coat To Acquire Solera Networks</title><description>2013-05-22 17:05:34 - Dark Reading   All Stories : Solera DeepSee platform will add security analytics and forensic capabilities to the Blue Coat product portfolio </description><link>http://www.secuobs.com/revue/news/447022.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/447022.shtml</guid></item>
<item><title>Tenable Network Security Podcast Episode 170 - Patching Firewalls, Penetration Testing vs Vulnerability Scanning</title><description>2013-05-22 15:01:18 - Security Bloggers Network : </description><link>http://www.secuobs.com/revue/news/446994.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446994.shtml</guid></item>
<item><title>CTERA Networks named "Cool Vendor 2013" in the IT storage sector by Gartner</title><description>2013-05-22 11:28:00 - Global Security Mag Online : CTERA Networks announces that it has been named by Gartner as a "Cool Vendor" (innovative vendor) in the storage technologies sector for 2013. The "Cool Vendors in Storage Technologies 2013" report presents five vendors offering storage capabilities that are innovative and/or control the costs associated with storage and its operational management, to help companies carry out their initiatives to modernize the IT environment and    - Magic Quadrant </description><link>http://www.secuobs.com/revue/news/446953.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446953.shtml</guid></item>
<item><title> Blue Coat to acquire Solera Networks</title><description>2013-05-22 10:56:35 - Help Net Security   News : Blue Coat Systems has entered into an agreement to acquire Solera Networks, a provider of big data security intelligence and analytics for threat protection The Solera DeepSee platform will add  </description><link>http://www.secuobs.com/revue/news/446946.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446946.shtml</guid></item>
<item><title>Sourcefire launches new features: Network File Trajectory and Device Trajectory</title><description>2013-05-22 10:38:15 - Global Security Mag Online : Sourcefire Inc. adds malware trajectory tracking capabilities to its Advanced Malware Protection portfolio. These new capabilities give companies precise visibility into malware attacks and allow them to detect, limit and control the spread of malware. With these enhancements, Sourcefire's Advanced Malware Protection solutions are the only offerings on the market to provide a continuous capability for blocking    - Products </description><link>http://www.secuobs.com/revue/news/446945.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446945.shtml</guid></item>
<item><title>Network Security Podcast, Episode 313</title><description>2013-05-22 02:09:05 - Network Security Podcast : and now Rich is dealing with an entire family of "sick". Zach must be empathizing, as he's also a bit under the weather, but joins Martin for a romp through this week's stories. Network Security Podcast, Episode 313, May 21, 2013. Time: 41:13. Show notes: Is It Wrong to Use Data From the World's First    </description><link>http://www.secuobs.com/revue/news/446901.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446901.shtml</guid></item>
<item><title>Network perimeter security: How to audit remote access services</title><description>2013-05-21 23:42:52 - Security Bloggers Network : There are a few ways to audit your domain for Internet-facing remote access services. If you're looking to audit your network perimeter with free tools, then something like Nmap would be the way to go. Do your research before firing away at your perimeter with a port scanner, though; you don't want to inadvertently create a denial of service by pummeling the network with port scans (obviously make sure you have permission from your superiors as well). Also, when using Nmap, make sure you fingerprint the open ports you find on the network to determine what's running behind them. Using the Nmap -sV command on a port will often times show you the application listening on the port. This comes in handy when someone is running software on a non-standard port to exit your firewall. Another tool that's recommended when looking to audit remote access services is Nessus. There are multiple plug-ins available that can scan your port and determine if you are running particular remote access services. However, unlike Nmap, Nessus will let you know if a particular vulnerability will allow remote access into your organization unintentionally. This tool looks for vulnerabilities, whereas Nmap gives you hard facts as to what's listening in your environment. There are many other tools that could be used, but these two are common and come at no charge. Another way to prevent rogue services from listening on your network is by locking down what's allowed to leave your organization. Many people still don't perform egress filtering on their firewalls; this is a common way to prevent botnets, misconfigurations and malicious insiders from allowing remote connections into your network. Also, filtering traffic leaving the network with an IPS or next-gen firewall (NGFW) will enable you to inspect the allowed firewall traffic for malicious use. Many times,
attackers take advantage of normally open ports, such as port 80, port 443, etc., to transmit data out of your network without you noticing. Read the rest of the article here: http://searchsecurity.techtarget.com/answer/Network-perimeter-security-How-to-audit-remote-access-services </description><link>http://www.secuobs.com/revue/news/446886.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446886.shtml</guid></item>
<item><title>China Resumes Cyber-Attacks on US Corporate, Government Networks</title><description>2013-05-21 22:30:49 - Computer Security News :    NEWS ANALYSIS  The Chinese Army added to its cyber-warfare arsenal and is attacking US networks that haven't been strengthened since the last attacks </description><link>http://www.secuobs.com/revue/news/446869.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446869.shtml</guid></item>
<item><title>Aruba Networks announces an 802.11ac solution</title><description>2013-05-21 16:45:09 - Global Security Mag Online : Aruba Networks, Inc. announces a new leading-edge 802.11ac solution. It is the first solution available on the market to combine a Gigabit wireless link with intelligence about device density and applications, as required by today's Wi-Fi networks. In large enterprises, IT departments face an impressive number of devices connecting to their network, as well as growing device density, two    - Products </description><link>http://www.secuobs.com/revue/news/446786.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446786.shtml</guid></item>
<item><title>Practical Tips to Improve Network Security with What You Already Have - Part 1 of 2</title><description>2013-05-21 16:14:22 - Security Bloggers Network : I think we as security experts need to stop focusing on who or what will attack us and start acting like we're already owned. If we just started thinking in terms of "I'm already compromised" the security and monitoring of your network and systems would improve drastically. The initial fear of security experts was of being hacked or compromised, but in reality this is happening everyday while you're on the clock. If you've ever had malware infect a workstation you've been breached. This is just a small example, but it's true. There are two types of security professionals  Read more. The post Practical Tips to Improve Network Security with What You Already Have - Part 1 of 2 appeared first on Security Management at the Speed of Business - AlgoSec Blog </description><link>http://www.secuobs.com/revue/news/446782.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446782.shtml</guid></item>
<item><title>Hacking the gogoc IPv6 tunnel broker for multiple networks</title><description>2013-05-21 12:02:08 - SecurityTube.Net : In this video Brett is talking about the IPv6 tunnel and broker for multiple networks. So in this video you will learn how to hack IPv6 with the gogoc client. Here you can set up a Freenet6 account or change your existing account. This is different from your gogoNET account and is used in the gogoCLIENT to access the advanced Freenet6 services like static address or Home Access. Your Freenet6 account will also be your domain name, for example me.broker.freenet6.net http://www.gogo6.com/freenet6/account </description><link>http://www.secuobs.com/revue/news/446728.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446728.shtml</guid></item>
<item><title>Don't Fear the Hangover - Network Detection of Hangover Malware Samples</title><description>2013-05-20 23:28:12 - Security Bloggers Network : Today, Norman and Shadowserver released a paper that revealed a large attack infrastructure in which they detailed an ongoing campaign, running as far back as September 2010. This campaign, reportedly run out of India by the "Appin Security Group", used spear-phishing attacks and multiple strains of malware to breach targets of interest and extract data. </description><link>http://www.secuobs.com/revue/news/446653.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446653.shtml</guid></item>
<item><title>Network Engineering Stack Exchange Beta Live</title><description>2013-05-20 18:31:37 - PacketLife.net Blog : A couple months ago, I announced a proposal to start a Stack Exchange site dedicated to answering questions concerning network engineering, similar to how Stack Overflow and Server Fault cater to the concerns of programmers and systems administrators, respectively. I'm happy to announce that the proposal has made it through the definition and commitment phases and last week was opened as a public beta site at networkengineering.stackexchange.com. The beta process is critical for shaping the content and style of the site, so the more people use it the better we can refine and nurture its content. Why a Stack Exchange site? The platform has proven immensely useful for directed troubleshooting and answering targeted questions. As opposed to discussion forum threads, which often digress into tangents and off-topic conversation over the course of days or weeks, the streamlined question-and-answer format of the site leverages community feedback and voting to promote what is accepted as the best answer (which the asker can optionally confirm). This medium is much better suited to questions which can be directly answered (e.g. "How can I" and not "What's the best"); please keep this in mind if you decide to participate in the beta. Check out the beta  </description><link>http://www.secuobs.com/revue/news/446583.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446583.shtml</guid></item>
<item><title> US DOD decides iPhones and iPads can connect to its networks</title><description>2013-05-20 13:33:55 - Help Net Security   News : The Defense Information Systems Agency  DISA  of the US Department of Defense has approved the use of government-issued iOS 6 devices when connecting to its military networks, adding them to the pre </description><link>http://www.secuobs.com/revue/news/446524.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446524.shtml</guid></item>
<item><title>Vigilance - EMC NetWorker: privilege escalation via nsrpush, analyzed on 03/05/2013</title><description>2013-05-18 11:49:28 - Vigilance   vulnérabilités publiques : A local attacker can use a file left unprotected by nsrpush of EMC NetWorker, in order to escalate his privileges. </description><link>http://www.secuobs.com/revue/news/446313.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446313.shtml</guid></item>
<item><title>Bruno Durand, Juniper Networks: Sending attackers down false trails</title><description>2013-05-17 16:32:12 - Global Security Mag Online : The intellectual property currently held in datacenters, notably information about research and development, business strategies and industrial processes, is extremely valuable. It is easy to understand why the threat of theft of such data gives IT security managers a headache. And rightly so, because according to a study recently conducted by the Ponemon Institute worldwide and in France, most companies reported on average    - Points of View </description><link>http://www.secuobs.com/revue/news/446152.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446152.shtml</guid></item>
<item><title>Upcoming Raspberry Pi Networking Workshop at EYEBEAM  piday  raspberrypi  Raspberry_Pi</title><description>2013-05-17 16:26:45 - adafruit industries blog : Creating your own Subnode  Networking with the Raspberry Pi   Nodejs  Created during the Fall 2012 Residency season at Eyebeam, Subnodes  http subnodes  is an open source initiative designed to streamline the process of setting up a Raspberry Pi as a wireless access point for distributing content and taking part in shared digital experiences The device    </description><link>http://www.secuobs.com/revue/news/446150.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446150.shtml</guid></item>
<item><title>Palo Alto Networks has achieved the EAL4+ evaluation level of the international Common Criteria (CC) standard</title><description>2013-05-17 11:38:15 - Global Security Mag Online : Palo Alto Networks, the network security specialist, announces today that it has achieved the EAL4+ evaluation level of Common Criteria (CC), the international evaluation standard for information systems security. That is the highest level of certification, recognized worldwide, for the firewall category. This distinction marks the completion of a rigorous evaluation carried out by independent third-party experts. Palo Alto Networks Next-Generation Firewalls (NGFW) are    - Products </description><link>http://www.secuobs.com/revue/news/446082.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446082.shtml</guid></item>
<item><title>Exclusive Networks meets its partners at the Forums des Nouvelles Technologies 2013, held from June 4 to 20 across France</title><description>2013-05-17 11:38:15 - Global Security Mag Online : Value-added distributor Exclusive Networks announces today the launch of its Forums des Nouvelles Technologies 2013, held from June 4 to 20 in the following cities: Paris, Lyon, Toulouse and Aix. During workshops led by each of the vendors, partners will be able to talk with 14 manufacturers distributed by Exclusive Networks in the fields of security, networking and storage: Aerohive Networks, CA Technologies, FireEye, Fortinet, HID Identity    - Events </description><link>http://www.secuobs.com/revue/news/446081.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446081.shtml</guid></item>
<item><title>Network-based Malware Detection 2.0: Advanced Attackers Take No Prisoners</title><description>2013-05-17 01:19:22 - Security Bloggers Network : It was simpler back then. You know, back in the olden days of 2003. Viruses were predictable, your AV vendor could virus signatures to catch malware, and severe outbreaks like Melissa and SQL Slammer were based on brittle operating systems and poor patching practices. Those days are over, long gone under an onslaught of innovative attacks leveraging professional software development tactics and taking advantage of the path of least resistance, which tends to be your employees. We've written rather extensively about this battle with advanced attackers, given it's (arguably) the top issue facing security organizations today. From the original Network-based Malware Detection paper, through Evolving Endpoint Malware Detection, and through the most recent Early Warning arc (Building an Early Warning System, Network-based Threat Intelligence, Email-based Threat Intelligence). Finally, we took the message to an executive view with the CISO's Guide to Advanced Attackers. Although in a technology-driven world change is constant. The attacks change and the defenses change, and as much as we try to write timeless research sometimes our stuff needs a refresh. Detecting advanced malware on the network is one of those markets that has changed very rapidly over the past 18 months since we wrote the first paper. Compounding the changes in attack tactics and control effectiveness, the competition for network-based malware protection solutions has dramatically intensified, and now every network security vendor has introduced a network-based malware detection capability or will soon. This makes for a pretty confusing situation for a security practitioner, who is really only trying to keep malware out of their network and is less interested in vendor sniping and bad mouthing each other. Accelerating change and increasing confusion usually
indicates it's time to wade back into the space and document the changes to ensure you understand the key aspects of detecting malware on your network. Thus we're launching a new blog series called Network-based Malware Detection 2.0: Assessing Scale, Security, Accuracy, and Blocking, to update our original paper. As with all of our blog series, we'll develop the content independently and objectively guided by our Totally Transparent Research methodology. We do have bills to pay, and we're pleased that Palo Alto Networks will once again consider licensing the paper upon completion. Let's not get the cart before the horse here, and go back to the beginning to consider why advanced malware requires new approaches for both detection and remediation. Gaining Presence With New Targets: Cloppert's kill chain is alive and well, and that means the first order of business for the attackers is to gain a foothold in your environment by weaponizing and delivering exploits to compromise devices. Following the path of least resistance, it's far more efficient for attackers to target your employees and get them to click on a link they shouldn't. That's not new, but what is new is the target of their exploitation. In terms of looking at targets for exploitation, they want to go after the most widely deployed software to provide the greatest number of potential victims and increase their chance of success. That led them to take advantage of unpatched vulnerabilities within the operating systems. With the latest versions of Windows, it's gotten a lot harder to exploit the devices, which is a good thing. So the attackers went after the next most widely distributed software: browsers. The initial success of compromising the browsers forced all of the browser providers to respond aggressively to better lock down the software. That doesn't mean you don't still see edge cases of problems with older browsers requiring out of cycle patches, but for the most part the
browser isn't the path of least resistance anymore. The action/reaction cycle continues with the attackers moving their attention to other widely used software like Adobe Reader and Java. And once Oracle and Adobe make progress, there will be another target. There always is. The only thing that you can count on is that attackers will find new ways to compromise devices. The Role of the Perimeter: Once the attackers have presence in your network via the initially compromised device, then they systematically move laterally to their target until they achieve their mission. Your defensive strategy involves trying to detect and block the malicious software, optimally before it wreaks havoc on the endpoint. Why? Because once the malware ends up on the device, you can't rely on your endpoint defenses to stop it. We talk to many larger organizations that basically treat every endpoint as a hostile device. If it's not already compromised, it will be soon enough. As such, they take preemptive measures, like extensive network segmentation, to make it harder for attackers to gain access to the data they are targeting. But what they'd like to do is stop the malware from reaching the endpoint device in the first place. There is clear precedent for this approach. Years ago, anti-spam technology resided on the email server. Over time, the technology to block unsolicited email moved out to the perimeter and eventually into the cloud to move the flood of bad email as far away from your email system as possible. We expect a similar movement of the advanced malware protection technology, from the endpoint to the perimeter. But that begs the question of how do you detect the malware on the perimeter? With a network-based malware detection device (NBMD), of course. As we described in the original paper, these devices have emerged to analyze files passing by on the wire and identify files exhibiting questionable behavior by executing the files in a sandbox. In the next post, we
'll revisit that research to delve into how these devices work and why they make a good complement to other controls implemented to detect malware elsewhere in your environment. Insecurity By Obscurity: As mentioned above, in the olden days you could just match a file signature with a known bad file and determine the file is a virus and block it. This endpoint-centric blacklist approach worked well, until it didn't. Now it's largely ineffective and the endpoint protection vendors have moved to a combination of heuristics, cloud-based file repositories, IP and file reputation, and a variety of other intelligence based mechanisms to isolate the attacks. But the attackers are pretty smart and they've learned to defeat blacklists and reputation and most other anti-malware defenses in use today. They send polymorphic files into the wild that change the files randomly, so your blacklist is dead. They hijack system files that usually are excepted from analysis by your anti-malware agents. They obscure communications with the command and control networks that manage the compromised device to hide from IP reputation defenses running on network gear. Basically, they make it very difficult to detect the attack, defeating your security with their obscurity. Now that's a turn of events, no? It has resulted in an industry-wide arms race that will get more fierce as the attackers continue to increase the sophistication of their techniques. Just as an example, attackers now add logic to their malware kits to check whether the program is executing in a virtual machine, and to do nothing (or delay execution for hours or days) in that event. Given that virtualization is the main technique used by sandbox technology, this sandbox-aware malware can hide from some NBMD devices. Furthermore, given some of the new innovative malware techniques, security and accuracy on a NBMD device is more important than ever. With the first generation of NBMD technology, catching an incremental
40-50% of malware on the perimeter was a win. Nowadays that's not good enough, and the expectation is for much better detection to justify running yet another device and invest more money in perimeter defenses. We're also seeing no end in sight for the exponential increases in traffic volumes and number of malware samples. This adds a significant scaling requirement on any perimeter NBMD equipment to keep pace. Especially since the expectation is increasingly to deploy the NBMD inline to enable reliable blocking of the malicious files. Given the acute funding and resource shortages to actually investigate and remediate attacks, it's all the more critical to block as much malware on the edge as possible. But going inline changes the latency, security, and reliability requirements of the devices rather significantly. It's a bad day when an incremental security device knocks down a network or blocks legitimate traffic, as some of you have probably learned the hard way. In this Network-based Malware Detection 2.0 series, we'll specifically address these changes and cover the latest and greatest tactics and deployment models to eliminate as much malware on the perimeter of your network as you can. So strap in, we'll resume the series next week by revisiting how these devices detect advanced malware on the network. - Mike Rothman </description><link>http://www.secuobs.com/revue/news/446016.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/446016.shtml</guid></item>
<item><title>Arbor Networks: Internet traffic outage in Syria</title><description>2013-05-16 15:40:47 - Global Security Mag Online : The graph below, provided by Arbor Networks, shows a drop in Syrian Internet traffic. The graph shows that on May 15, 2013 at 07:35 (08:35-01:00) ET (Eastern Time), Syrian traffic dropped abruptly from about 800 MBps to 0, and that at 15:20 (16:20-01:00) ET it went back up from 0 to about 380 MBPS, then at 16:10 (17:10-01:00) ET to a little under 600 MBps http ddosarbornetworkscom 2013  This is consistent with reports indicating that Internet services were    - Investigations </description><link>http://www.secuobs.com/revue/news/445845.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445845.shtml</guid></item>
<item><title>20 Critical Security Controls: Control 11 - Limitation and Control of Network Ports, Protocols, and Services</title><description>2013-05-16 06:49:50 - Security Bloggers Network : Today's post is all about Control 11 of the CSIS 20 Critical Security Controls - Limitation and Control of Network Ports, Protocols, and Services (the last post pertained to Control 10). Here I'll explore the (19) requirements I've parsed out of the control (I used the PDF version, but the online version is here) and offer my thoughts. Read More </description><link>http://www.secuobs.com/revue/news/445757.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445757.shtml</guid></item>
<item><title>Mobile adware networks given 45 days to stop misbehaving by security firm</title><description>2013-05-15 20:22:11 - Network World on Security : Misbehaving adware buried inside mobile apps has turned into such a problem that security vendor Lookout Mobile Security has published a deadline for networks to change their behaviour or face being blacklisted </description><link>http://www.secuobs.com/revue/news/445688.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445688.shtml</guid></item>
<item><title>Tenable Network Security Podcast Episode 169 - Windows Wireless Networks List, Apache Backdoor Detection</title><description>2013-05-15 17:37:06 - Security Bloggers Network : </description><link>http://www.secuobs.com/revue/news/445584.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445584.shtml</guid></item>
<item><title>Stress Testing Your Wireless Network</title><description>2013-05-15 15:46:29 - Security Bloggers Network : In order to overcome physical limitations of wired connections, a lot of us prefer wireless connections. It reminds me of when I had my Sony PlayStation 1, and then my neighbor's kid would  Go on to the site to read the full article </description><link>http://www.secuobs.com/revue/news/445558.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445558.shtml</guid></item>
<item><title>No damages  Illinois federal court tosses Computer Fraud and Abuse Act claim alleging hacking of law firm network</title><description>2013-05-15 14:51:31 - Office of Inadequate Security : Paul Freehling of Seyfarth Shaw LLP writes  An Illinois federal court recently found in the favor of the defendant on a </description><link>http://www.secuobs.com/revue/news/445539.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445539.shtml</guid></item>
<item><title>A10 Networks adds new security modules to its A10 Thunder and AX series</title><description>2013-05-15 12:51:27 - Global Security Mag Online : A10 Networks announces that a new version of its ACOS operating system is available on the A10 Thunder™ Unified Application Service Gateways series and on the AX Application Delivery Controllers series. ACOS now includes security modules, including a web application firewall (WAF) for cloud security, application access management (AAM) for authentication, and strengthened application-layer protection against distributed denial-of-service (DDoS) attacks    - Products </description><link>http://www.secuobs.com/revue/news/445508.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445508.shtml</guid></item>
<item><title>A10 Networks unveils its Thunder Series range</title><description>2013-05-15 12:02:31 - Global Security Mag Online : A10 Networks launches its new A10 Thunder™ range. Built on the scalable and flexible architecture of A10's ACOS operating system, the new Thunder series models strengthen application optimization and availability (ADC) and server load balancing solutions with Carrier Grade NAT (CGNAT), IPv6 migration, DNS application firewall, web application firewall (WAF), SSL Intercept, distributed denial-of-service protection    - Products </description><link>http://www.secuobs.com/revue/news/445493.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445493.shtml</guid></item>
<item><title>Network Security Podcast, Episode 312</title><description>2013-05-15 02:22:15 - Network Security Blog : Rich is dealing with some sick babies, so Martin and Zach inadvertently make the show about corporate and government (not just the US this time) surveillance. Network Security Podcast, Episode 312, May 14, 2013. Time: 38:26. Show notes: How the Syrian Electronic Army Hacked The Onion; US Weighs Wide Overhaul of Wiretap Laws; FBI's Latest Proposal    </description><link>http://www.secuobs.com/revue/news/445444.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445444.shtml</guid></item>
<item><title>Researchers develop algorithm to protect networks from cyber attacks</title><description>2013-05-15 01:23:17 - Computer Security News :    Amidst increasing concern about cybersecurity , researchers at North Carolina State University have taken one step closer to guarding America's infrastructure from Cylon attack </description><link>http://www.secuobs.com/revue/news/445437.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445437.shtml</guid></item>
<item><title>AirTight Networks' Patent Upheld Over Aerohive Networks' Re-Exam Challenge</title><description>2013-05-14 20:15:00 - Security Bloggers Network : USPTO examiner determined that Aerohive did not raise a substantial new question of patentability. </description><link>http://www.secuobs.com/revue/news/445373.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445373.shtml</guid></item>
<item><title>AirTight Networks' Patent Upheld Over Aerohive Networks' Re-Exam Challenge</title><description>2013-05-14 19:45:55 - Dark Reading   All Stories : USPTO examiner determined that Aerohive did not raise a substantial new question of patentability </description><link>http://www.secuobs.com/revue/news/445360.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445360.shtml</guid></item>
<item><title>OCLIO and DPAM rely on Jaguar Network to host their e-commerce infrastructure</title><description>2013-05-14 10:30:55 - Global Security Mag Online : Jaguar Network, a specialist in value-added hosting, brings the online store of the "Du Pareil au même" brand into production in less than 48 hours. On a Friday evening in December 2012, Jaguar Network receives a call from OCLIO, part of the "Online Commerce Partners" group, which owns the "Du Pareil au même" and "Tout Compte Fait" brands. The new version of the "Du Pareil au même" online store, which generates more than 10 million euros in annual revenue, has stopped responding following    - Markets </description><link>http://www.secuobs.com/revue/news/445226.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445226.shtml</guid></item>
<item><title>Lookout will intercept privacy-invading mobile ad networks, apps</title><description>2013-05-13 19:33:31 - Network World on Security : Mobile security vendor Lookout plans to start flagging as adware mobile apps that use aggressive ad networks if they don't obtain explicit consent from users before engaging in behavior that potentially invades privacy </description><link>http://www.secuobs.com/revue/news/445118.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445118.shtml</guid></item>
<item><title>UK's 4G Network Selling Subscriber Tracking Data To Police, Private Parties</title><description>2013-05-13 15:32:14 - Slashdot  Your Rights Online : Sockatume writes: The Sunday Times has revealed that analytics firm Ipsos MORI and 4G network EE attempted to sell detailed information on 27m subscribers' activities to various parties including the UK's police forces. The data encompasses the gender, postcode and age of subscribers, the sites they visit and times they are visited, and the places and times of calls and text messages. Ipsos MORI were reportedly 'bragging that the data can be used to track people and their location in real time to within 100 meters' in negotiations. Ipsos MORI has rushed to contradict this in an effort to save face, stating that the users are anonymized and data is aggregated into groups of 50 or more, while location is only precise to 700m. Despite their prior enthusiasm, the police have indicated that they will no longer go ahead with the deal. It is not clear whether the other sales will go ahead. </description><link>http://www.secuobs.com/revue/news/445061.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445061.shtml</guid></item>
<item><title>OISF 2012 - Dingleberry Pi Building a Blackthrow: More inexpensive hardware to leave behind on someone else's network</title><description>2013-05-13 13:46:13 - SecurityTube.Net : It's useful to control a host on a remote network, but you don't necessarily have to pwn a box that is already there. You can also leave behind a host you can remote into, or since egress filtering rules are often less restrictive than ingress, have it shovel a shell back to you. This sort of host is often called a Kamikaze box, Svartkast, BlackThrow or Dropbox. You can even make it part of cipherspace (I2P or Tor) to make it less apparent who is controlling the box. This talk will describe how to construct such a box using inexpensive hardware. Adrian Crenshaw has worked in the IT industry for the last 16 years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools. He did the cert chase for awhile (MCSE NT 4, CNE, A+, Network+, i-Net+) but stopped once he had to start paying for the tests himself. He's currently working on a Masters in Security Informatics, and is one of the co-founders of Derbycon. </description><link>http://www.secuobs.com/revue/news/445029.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/445029.shtml</guid></item>
<item><title>Network Box's UTM  Solution Wins Gold in the 8th Annual 2013 Hot</title><description>2013-05-11 15:52:33 - Computer Security News : HOUSTON, TX, May 10, 2013 -- Network Box USA, the American division of leading global Managed Security Services Provider Network Box Corp, announced today that its Unified Threat Management NBRS50 Solution has won the prestigious Gold Award in the Category of Unified   Integrated Security in the 8th Annual 2013 Hot Companies and Best Products</description><link>http://www.secuobs.com/revue/news/444816.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444816.shtml</guid></item>
<item><title>Visualising networks</title><description>2013-05-11 14:26:32 - S Anand : Some slides from my talks on visualising networks. These are part of a series of talks I'm giving at a number of forums; the one at The Fifth Elephant is open to public.</description><link>http://www.secuobs.com/revue/news/444807.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444807.shtml</guid></item>
<item><title>Tenable Network Security Podcast Episode 168 - Nessus Tips and Patch Reporting</title><description>2013-05-10 19:32:50 - Security Bloggers Network :</description><link>http://www.secuobs.com/revue/news/444685.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444685.shtml</guid></item>
<item><title> Academic institutions urged to improve network and DNS configurations</title><description>2013-05-10 13:18:39 - Help Net Security   News : The Research and Education Networking Information Sharing and Analysis Center  REN-ISAC  has issued an alert to IT security staff, and network and DNS administrators urging them to improve their netwo </description><link>http://www.secuobs.com/revue/news/444596.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444596.shtml</guid></item>
<item><title>Bringing networking and security together through network automation</title><description>2013-05-10 11:33:22 - Help Net Security   Articles : The past ten years have seen a proliferation of increasingly complex network devices Coupled with the recent rise in adoption of BYOD policies, mobile working practices, virtualisation and cloud serv </description><link>http://www.secuobs.com/revue/news/444584.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444584.shtml</guid></item>
<item><title> Bringing networking and security together through network automation</title><description>2013-05-10 11:33:11 - Help Net Security   News : The past ten years have seen a proliferation of increasingly complex network devices Coupled with the recent rise in adoption of BYOD policies, mobile working practices, virtualisation and cloud serv </description><link>http://www.secuobs.com/revue/news/444583.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444583.shtml</guid></item>
<item><title>Global network of hackers steal $45m from ATMs</title><description>2013-05-10 10:27:40 - Computer Security News : In this undated photo provided by the United States Attorney's Office for the Southern District of New York, Elvis Rafael Rodriguez, left, and Emir Yasser Yeje, pose with bundles of cash allegedly stolen using bogus magnetic swipe cards at cash machines throughout New York.</description><link>http://www.secuobs.com/revue/news/444577.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444577.shtml</guid></item>
<item><title>Intrusion detection on telephony networks</title><description>2013-05-10 00:44:35 - P1 Security : With the explosion in the mobile communications sector, the deregulation of public switched telecommunication networks (PSTN) as well as the introduction of many new services, the dependence on the signalling system 7 (SS7) network has rapidly increased over the last two decades. Typically, monitorin </description><link>http://www.secuobs.com/revue/news/444534.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444534.shtml</guid></item>
<item><title>Interop2013: Partner Spotlight - Big Switch Networks</title><description>2013-05-10 00:11:23 - Security Bloggers Network : Earlier this week, F5 and Big Switch Networks announced a joint solution that brings together F5 BIG-IP Local Traffic Manager (LTM), F5 iApps functionality, and the Big Virtual Switch network virtualization application. Peter Silva meets with Aaron Edwards, Big Switch Technical Marketing Engineer, to learn more about this solution that enables organizations to deploy complex   </description><link>http://www.secuobs.com/revue/news/444525.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444525.shtml</guid></item>
<item><title>FBI says it doesn't need a warrant to snoop on private email, social network messages</title><description>2013-05-09 00:02:44 - Security Bloggers Network : An FBI guidance manual says the law enforcement agency is able to access US residents' email, Facebook and Twitter messages, and private documents, without breaching the Fourth Amendment.</description><link>http://www.secuobs.com/revue/news/444316.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444316.shtml</guid></item>
<item><title>Defrag: Explorer Won't Run, Network Limited Access, Touch PC's We Like - The Defrag Show</title><description>2013-05-08 23:08:46 - Channel 9 : Microsoft tech troubleshooter extraordinaire Gov Maharaj and I help walk you through troubleshooting solutions to your tech support problems. If you have a problem you want to send us, you can use the Problem Step Recorder in Windows 7 (see this for details on how) and send us the zip file to DefragShow@microsoft.com. We will also be checking comments for problems, but the email address will let us contact you if needed. [00:20] - Explorer won't run, clicking icon or Windows+E shortcut; [03:38] - Network icon in SysTray showing Limited Access; [08:35] - Getting bug check with Win8, possibly from HyperV; [10:25] - How to rename user profile and retain settings; [12:10] - How to browse drives that are offline; [14:04] - What does the "Full Range" speaker setting do in Windows?; [16:36] - And now a message from our spammers; [17:47] - Pick of the Week: What are some of the touch laptops we like?</description><link>http://www.secuobs.com/revue/news/444306.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444306.shtml</guid></item>
<item><title>Ixia Launches New Solutions For Smarter Network Assessments</title><description>2013-05-08 21:48:42 - Dark Reading   All Stories : Unveils Ixia RackSim, IxNetwork AppLibrary </description><link>http://www.secuobs.com/revue/news/444289.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444289.shtml</guid></item>
<item><title>Welcome sign for hijackers on 24-7 for 30% of social networkers</title><description>2013-05-08 19:15:54 - Network World on Security : Online social networkers invite data marauders to compromise their accounts by choosing a convenient but risky option offered by many websites, according to a survey released on Tuesday.</description><link>http://www.secuobs.com/revue/news/444247.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444247.shtml</guid></item>
<item><title>WatchGuard Expands Network Security Support For Microsoft Hyper-V Customers</title><description>2013-05-08 18:19:16 - Dark Reading   All Stories : Adds Hyper-V support to XTMv unified threat management (UTM) platform</description><link>http://www.secuobs.com/revue/news/444224.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444224.shtml</guid></item>
<item><title>FBI says it doesn't need a warrant to snoop on private email, social network messages</title><description>2013-05-08 17:00:09 - ZDNet  Zero Day Blog RSS : An FBI guidance manual says the law enforcement agency is able to access US residents' email, Facebook and Twitter messages, and private documents, without breaching the Fourth Amendment.</description><link>http://www.secuobs.com/revue/news/444213.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444213.shtml</guid></item>
<item><title>Is your social network built enterprise tough?</title><description>2013-05-08 14:57:23 - Network World on Security : You don't have to look further than the uprisings across the Arab world to recognize the power of social tools, and this transformative power applies to business as well. But for an enterprise social network (ESN) to be genuinely useful, it needs to go beyond the "Facebook for enterprise" model.</description><link>http://www.secuobs.com/revue/news/444192.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444192.shtml</guid></item>
<item><title>Barracuda Networks Delivers Network Virtualization Platform For Virtualized Networking Applications</title><description>2013-05-07 20:15:55 - Dark Reading   All Stories : Barracuda eon allows for "bare metal" performance of virtualized networking applications that require consolidation and multigigabit performance</description><link>http://www.secuobs.com/revue/news/444034.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/444034.shtml</guid></item>
<item><title>Digital Defense Releases  Social Butterfly  Guide to Help Companies And Employees Mitigate Risks Of Social Networking</title><description>2013-05-07 18:30:06 - Dark Reading   All Stories : Guide examines real-world employee and employer scenarios </description><link>http://www.secuobs.com/revue/news/443995.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443995.shtml</guid></item>
<item><title>Juniper Networks MX Routers Awarded UC APL Certification by the US Department of Defense</title><description>2013-05-06 18:28:43 - Security Bloggers Network : Recently the US Department of Defense added Juniper Networks MX240-960, MX5-80, and the MX80-48T to the Unified Capabilities Approved Product List (UC APL) as MPLS capable, Assured Services Local Area Network (ASLAN) devices. So why is this notable? And, so why does the Department of Defense need MPLS anyhow?</description><link>http://www.secuobs.com/revue/news/443788.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443788.shtml</guid></item>
<item><title>Notacon 10 - Video Everywhere (aka The Personal Distributed HD Video Network)</title><description>2013-05-06 16:46:06 - SecurityTube.Net : Synopsis: My fiancé and I like to watch some of the same TV shows but sometimes we need to go into other rooms and we hate to miss anything. Up to now, we've had a couple options: 1. Pause the show, 2. Rewind or 3. Miss part / possibly have gaps in the storyline. Now that we have our own 1080p HD Video Network, we can keep watching any content from any room in the house. And, if we have differing tastes at times, we can go into separate rooms, keeping our video zones personal. The basic system is comprised of an HDMI matrix, HDMI extenders, legacy HDMI converters, IR repeaters, as well as your standard AV gear like TVs, monitors, receivers &amp; speakers. Modifications can be made for low-latency audio needs such as DJing or recording studio monitoring. If you like your tech pervasive, this is one session you must see. Bio: An artist &amp; visionary trapped in a capital world, Woz loves discovering the world around him. He went to CWRU for Computer Science a decade ago and has worked in big corp as well as startups since then. Most recently, he's been helping software development teams become organizationally healthy and learn to become high performers using this "Agile" thing. When he's not "working" Woz likes to hack on some Ruby, produce Drum &amp; Bass, take yoga classes, sweat in the sauna and ride his bike in the Metroparks.</description><link>http://www.secuobs.com/revue/news/443765.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443765.shtml</guid></item>
<item><title>McAfee to acquire network security solutions provider Stonesoft</title><description>2013-05-06 14:16:07 - Computer Security News : Computer security company McAfee is announcing that it has initiated an agreement to acquire network security solutions provider Stonesoft Oyj.</description><link>http://www.secuobs.com/revue/news/443742.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443742.shtml</guid></item>
<item><title>Barracuda Networks teams up with its reseller partners so that Internet security is taught in French schools</title><description>2013-05-06 12:35:17 - Global Security Mag Online : Barracuda Networks, a provider of storage and security solutions, is today teaming up with its French reseller partners to make the use of the Internet and social media by children at school more reliable, more secure and more accessible. To that end, Barracuda Networks will offer attractive discounts to its partners at every level. Barracuda Networks will also offer the education sector substantial discounts (up to 30%) on several of its    - Business </description><link>http://www.secuobs.com/revue/news/443720.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443720.shtml</guid></item>
<item><title>Simplifying Network Security Management</title><description>2013-05-04 02:49:29 - Security Bloggers Network : So you are responsible for IT Security at an organization that just purchased multiple Juniper firewalls (SRX Series Services Gateways), and had them installed (powered up and on the network) at each of your branch office locations. Now what? You will need to have a security administrator configure and deploy security policies to each of the devices, all while making sure you can maintain a sound security posture and maintain regulatory compliance even amidst changes in your network (e.g., new applications introduced on the network, users attempting to access a brand new Web site, software updates, etc.). What could help minimize the burden is a strong network security management solution, one that you can depend on to quickly administer security policies, instantly view the security posture across the distributed enterprise, and easily update policies with. Junos Space Security Director, formerly known as Security Design, is an application running on the open Junos Space Network Management Platform. Junos Space Security Director is essentially a security management building block that provides extensive security scale, policy control, and reach across the network. Security administrators can use it to speed and simplify security administration and reduce management costs and errors with efficient security policy and workflow tools. Additional benefits of Junos Space Security Director are that you can: Scale security policy across multiple Juniper Networks SRX Series Services Gateways, or manage multiple LSYS instances on a single SRX Series device; Centrally configure and manage application security (e.g., AppSecure), firewall, VPN, IPS, and NAT security policy through one scalable management interface; Define and enforce policies for controlling usage of specific applications such as Facebook, instant messaging, and embedded social networking widgets through included AppFW management; Reuse security policies within Junos Space Security Director for improved security enforcement accuracy, consistency, and compliance; Build the infrastructure for further management innovation across the network through the open and secure Junos Space Network Management Platform integration. While the product has been renamed, it will continue to have all of the benefits it has had to date and we will continue to innovate further based on customer needs. Whether you have a few Juniper firewalls today and will have many more tomorrow, Junos Space Security Director can help ease the task of managing policies for all.</description><link>http://www.secuobs.com/revue/news/443515.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443515.shtml</guid></item>
<item><title>AIDE 2013 - Network King Of The Hill (NetKotH): A hacker wargame for organizers who are lazy</title><description>2013-05-03 20:28:20 - SecurityTube.Net : So, you want to run a capture the flag game? Well, have you thought of scenarios you want to use? Already ran one and need to change it up for the next con? What sort of hardware do you think you will need? Feel too lazy to come up with your own scenarios every single time? Running a CTF can be a pain. The idea behind NetKotH is to have the players make the game dynamic so you don't have to. They have to own the boxes, and keep them, to score points. This makes them both the red and the blue teams. Even if you reuse the same scenarios/VMs each time, things change as players race each other to get control first, script re-pwning of boxes and try to make life hell for each other.</description><link>http://www.secuobs.com/revue/news/443456.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443456.shtml</guid></item>
<item><title>CVE-2013-0940 (networker)</title><description>2013-05-03 19:49:24 - National Vulnerability Database : The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.</description><link>http://www.secuobs.com/revue/news/443451.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443451.shtml</guid></item>
<item><title>CERTA-2013-AVI-289: Vulnerability in EMC NetWorker (03 May 2013)</title><description>2013-05-03 18:27:39 - Les derniers documents du CERTA. : A vulnerability has been fixed in EMC NetWorker. It allows an attacker to cause a privilege escalation.</description><link>http://www.secuobs.com/revue/news/443409.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443409.shtml</guid></item>
<item><title>In Two Weeks, Your iPad Can Be Used on Military Networks</title><description>2013-05-03 16:21:40 - Wired  Danger Room : The Pentagon is set to approve a security review for Apple smartphones and tablets, allowing their use alongside BlackBerrys and the Android-powered Samsung Knox.</description><link>http://www.secuobs.com/revue/news/443385.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443385.shtml</guid></item>
<item><title>Cassidian Acquires Another Network Security Company</title><description>2013-05-03 16:20:48 - Security Bloggers Network : It seems there is a race on: which big defence company can hoover up the right cyber security SMBs? Cassidian Acquires Cyber Expert Arkoon Network Security - Defense World</description><link>http://www.secuobs.com/revue/news/443384.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443384.shtml</guid></item>
<item><title> Ex employee hacked into high-voltage power manufacturers network</title><description>2013-05-03 16:20:10 - Help Net Security   News : A criminal complaint was unsealed on Thursday in federal court in the Eastern District of New York charging Michael Meneses - who was arrested earlier that day in Smithtown, Long Island - with hacking </description><link>http://www.secuobs.com/revue/news/443381.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443381.shtml</guid></item>
<item><title>Network World's Security Threat Landscape - May 2013</title><description>2013-05-03 16:14:54 - Fortinet Blog  News and Threat Research   All Posts : In this monthly video series focusing on the latest digital security threats, Keith Shaw and Fortinet's Derek Manky discuss the recent Twitter hack on the Associated Press, the Spamhaus arrests and DNS amplification, and the latest Android hacks.</description><link>http://www.secuobs.com/revue/news/443378.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443378.shtml</guid></item>
<item><title>Systems manager arrested for hacking former employer's network</title><description>2013-05-03 14:30:01 - Network World on Security : A 41-year-old man was arrested for allegedly disrupting his former employer's network after he was passed over for promotions, leading him to quit his job and take revenge, the US Federal Bureau of Investigation said.</description><link>http://www.secuobs.com/revue/news/443359.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443359.shtml</guid></item>
<item><title>EiQ Networks launches SOCVue service</title><description>2013-05-03 13:07:11 - Help Net Security   News : EiQ Networks announced SOCVue, a new remote management service. With this development organizations can now leverage EiQ's SOC team expertise and knowledge to protect against cyber attacks and APTs wh </description><link>http://www.secuobs.com/revue/news/443344.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443344.shtml</guid></item>
<item><title>Is network monitoring dead?</title><description>2013-05-03 13:07:11 - Help Net Security   News : Network monitoring is dead, says the CEO of cPacket Networks - that is, unless network monitoring solutions become agile enough to deliver real-time visibility, while keeping up with the increasing com </description><link>http://www.secuobs.com/revue/news/443343.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443343.shtml</guid></item>
<item><title>Barracuda Networks launches its new integrated ADC</title><description>2013-05-03 12:48:56 - Global Security Mag Online : Barracuda Networks Inc announces the release of its new ADC (Application Delivery Controller), an integrated solution that combines load balancing, acceleration, control and security of applications in a single platform. Key features of the offering: With up to 32 1GbE ports and up to 8 10GbE ports, Barracuda's ADC platform is designed to improve performance and meet the needs of high-traffic data centers. The ADC platform from    - Products </description><link>http://www.secuobs.com/revue/news/443339.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443339.shtml</guid></item>
<item><title>Special Offer for Security Bloggers Network Members  The Plateau Effect  Getting from Stuck to Success</title><description>2013-05-03 06:48:18 - The Ashimmy Blog : An exclusive offer for the Security Bloggers Network - Hugh Thompson Invites you to celebrate the release of the book The Plateau Effect by NYT bestselling author Bob Sullivan and RSA Conference Program Chair Dr Hugh Thompson You can get </description><link>http://www.secuobs.com/revue/news/443312.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443312.shtml</guid></item>
<item><title>Gaming Network Plants Bitcoin Miner On User Systems</title><description>2013-05-03 03:47:49 - Security Intelligence  TrendLabs   Trend Micro : A few weeks ago, we noted that we believed it was likely that Bitcoin miners using GPUs might become part of the threat landscape. It appears that that has happened, in a somewhat roundabout way. The e-sports league ESEA was recently forced to admit that an employee had, without authorization, pushed a Bitcoin miner to users </description><link>http://www.secuobs.com/revue/news/443301.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443301.shtml</guid></item>
<item><title>Network gaming company uses its "cheat-prevention" client to build a Bitcoin botnet</title><description>2013-05-03 02:12:57 - Security Bloggers Network : One problem with network games: how do you trust the other people in the contest? You could build a network that requires your customers to install a special "cheat-blocker" client and then use the client to mine Bitcoins.</description><link>http://www.secuobs.com/revue/news/443294.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443294.shtml</guid></item>
<item><title>Risks of Networked Systems</title><description>2013-05-02 21:05:12 - Schneier on Security : Interesting research: Helbing's publication illustrates how cascade effects and complex dynamics amplify the vulnerability of networked systems. For example, just a few long-distance connections can largely decrease our ability to mitigate the threats posed by global pandemics. Initially beneficial trends, such as globalization, increasing network densities, higher complexity, and an acceleration of institutional decision processes may ultimately push human-made or </description><link>http://www.secuobs.com/revue/news/443235.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443235.shtml</guid></item>
<item><title>Tenable Network Security Podcast Episode 167    Routers Give Up Passwords, SANS Top 20 </title><description>2013-05-02 20:10:47 - Security Bloggers Network : Welcome to the Tenable Network Security Podcast Episode 167 Announcements Increase Security Effectiveness with these 20 Critical Security Controls We're hiring  - Visit the Tenable website for more information about open positions </description><link>http://www.secuobs.com/revue/news/443204.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443204.shtml</guid></item>
<item><title>20 Critical Security Controls: Control 10 - Secure Configurations for Network Devices</title><description>2013-05-02 07:56:03 - Security Bloggers Network : Today's post is all about Control 10 of the CSIS 20 Critical Security Controls - Secure Configurations for Network Devices (the last post pertained to Control 9). Here I'll explore the (28) requirements I've parsed out of the control (I used the PDF version, but the online version is here) and offer my thoughts on what I've found.</description><link>http://www.secuobs.com/revue/news/443073.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443073.shtml</guid></item>
<item><title>Network Security Podcast, Episode 311</title><description>2013-05-02 03:53:20 - Network Security Blog : Long show with short notes this week as Wade Baker of Verizon and Josh Corman of Akamai join us to talk about the Verizon Data Breach Investigations Report. This is a must-read report and our short podcast can't possibly do it justice, but we made our best effort. Listen to the end, we have some    </description><link>http://www.secuobs.com/revue/news/443045.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/443045.shtml</guid></item>
<item><title>Thank you for not viewing: "Hidden" display ads hurt Web ad networks</title><description>2013-05-01 21:12:31 - Ars Technica   Risk Assessment : Researcher finds at least 2% of US Web ads are stuffed in invisible webpages</description><link>http://www.secuobs.com/revue/news/442991.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442991.shtml</guid></item>
<item><title>Aging networking protocols abused in DDoS attacks</title><description>2013-05-01 12:27:32 - Computer Security News :    Aging networking protocols still employed by nearly every Internet-connected device are being abused by hackers to conduct distributed denial-of-service attacks </description><link>http://www.secuobs.com/revue/news/442873.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442873.shtml</guid></item>
<item><title>P1 Security Newsletter: The 6 Best Ways to Secure Your Telecom Network</title><description>2013-05-01 01:20:31 - P1 Security : The 6 Best Ways to Secure Your Telecom Network with P1 Security. Security features are not enough to provide a secure telecom network. From automated vulnerability assessment to telecom security compliance, here are the best ways to prevent, detect, </description><link>http://www.secuobs.com/revue/news/442827.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442827.shtml</guid></item>
<item><title>EiQ Networks Launches SOCVue Service To Address Industry-wide SIEM Operational Complexity And Security Professional Shortage</title><description>2013-04-30 20:09:25 - Dark Reading   All Stories : New service enables small to midsize enterprises to improve cyberdefenses </description><link>http://www.secuobs.com/revue/news/442777.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442777.shtml</guid></item>
<item><title>Tidy Network</title><description>2013-04-30 11:33:40 - 411 spyware : Tidy Network is a browser add-on which is presented as a tool that helps computer users find the best offers and deals Some of you may call this application adware because it keeps displaying advertisements while browsing different websites According to the official website, the offers which appear in the form of coupons, web and    </description><link>http://www.secuobs.com/revue/news/442641.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442641.shtml</guid></item>
<item><title>Join the webcast: Cloud-delivered Web filtering for K-12 networks and 1:1 programs</title><description>2013-04-30 02:15:58 - OpenDNS Blog : See why thousands of schools and districts have made the switch to cloud-delivered Web filtering</description><link>http://www.secuobs.com/revue/news/442583.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442583.shtml</guid></item>
<item><title>6911: RADIUS Attributes for IPv6 Access Networks</title><description>2013-04-29 21:37:12 - New RFCs : (27KB) This document specifies additional IPv6 RADIUS Attributes useful in residential broadband network deployments. The Attributes, which are used for authorization and accounting, enable assignment of a host IPv6 address and an IPv6 DNS server address via DHCPv6, assignment of an IPv6 route announced via router advertisement, assignment of a named IPv6 delegated prefix pool, and assignment of a named IPv6 pool for host DHCPv6 addressing.</description><link>http://www.secuobs.com/revue/news/442534.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442534.shtml</guid></item>
<item><title> How cybercriminals can target you on public networks</title><description>2013-04-29 17:39:20 - Help Net Security   News : The widespread use of mobile communication, including cell phones, laptops and tablets, makes consumers particularly vulnerable to fraud and malware risks over public internet connections Mobile </description><link>http://www.secuobs.com/revue/news/442478.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442478.shtml</guid></item>
<item><title>Top 5 Tips to Keep Your Website And Network Secure</title><description>2013-04-29 14:08:29 - Bill Mullins' Weblog   Tech Thoughts : Every day, innocent websites are compromised by malicious hackers. Google identifies almost 10,000 malware-infected websites each day, and half of those are genuine websites belonging to legitimate companies. These companies haven't done anything wrong, but they find themselves blacklisted by </description><link>http://www.secuobs.com/revue/news/442426.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442426.shtml</guid></item>
<item><title>Arkoon Network Security and Cassidian CyberSecurity (EADS group) announce the signing of a sale agreement</title><description>2013-04-29 09:03:32 - Global Security Mag Online : Cassidian CyberSecurity has signed an agreement to become the main shareholder of Arkoon Network Security, one of the recognized European players in network security, information systems protection and data confidentiality. After the acquisition of Netasq on 16 November 2012, the acquisition of Arkoon Network Security represents a new strategic step in the development of the European industrial base of cybersecurity products and solutions. This offer constitutes    - Business </description><link>http://www.secuobs.com/revue/news/442383.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442383.shtml</guid></item>
<item><title>Network fun and news</title><description>2013-04-28 21:41:20 - grand stream dreams : And here is a roundup of tips, news, tools and techniques in the world of networking. Troy Hunt: The beginners guide to breaking website security with nothing more than a Pineapple - Troy Hunt - If you use or support WiFi, stop what you are doing right now and read this. And be terrified, and then make sure you go back and audit/configure your WiFi router and browser and system as securely as you can. Crap. Now, where did I put those 50  Cat-6 patch cords from Cables-to-Go? Detecting TOR Communication in Network Traffic - NETRESEC Blog. NetFort Span Port Configurator (by Tony Fortunato) - LoveMyTool blog. ColaSoft nChronos Intro and Troubleshooting (by Tony Fortunato) - LoveMyTool blog. The Importance of Watching the Wire - Packet Life. NetConnectChoose - New NirSoft utility - Set the default Internet connection and view general connection information. More information in this NirBlog post - New utility to select the default Internet connection and to view Internet network connection information. TcpLogView - New NirSoft utility - Creates TCP connections log. More information in this NirBlog post - New utility that displays TCP connections log. LDWin: Link Discovery for Windows - What the  blog - new Windows utility to discover link information for devices connected to devices that support the Link Layer Discovery Protocol (LLDP) as well as Cisco Discovery Protocol (CDP). Free. See also the developer's super handy for troubleshooting tool WinCDP. How to install the loopback adapter in Windows 8 - 4sysops. Cheers --Claus V </description><link>http://www.secuobs.com/revue/news/442335.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/442335.shtml</guid></item>
<item><title>Introducing Internal Networks  map your entire distributed network with ease</title><description>2013-04-26 01:53:44 - OpenDNS Blog : Easily apply policy to guest wireless, classrooms, and server rooms with this great new feature </description><link>http://www.secuobs.com/revue/news/441960.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441960.shtml</guid></item>
<item><title>Microsoft XMLDOM in IE can divulge information of local drive/network in error messages</title><description>2013-04-26 00:54:55 - Soroush Dalili   Computer Security Is My Interest  : While I was testing an XML Injection vulnerability, I became interested in the W3Schools DTD Validator example that can only work in IE (http://www.w3schools.com/dtd/dtd_validation.asp). As a result, after I finished my testing, I started playing with this Microsoft XMLDOM object to see if it is vulnerable. I created the following test case to manipulate the    </description><link>http://www.secuobs.com/revue/news/441953.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441953.shtml</guid></item>
<item><title>TaaSERA's Malware Feed Detects Increased Botnets Connected To Russian Business Network</title><description>2013-04-25 20:48:16 - Security Bloggers Network : TaaS NetAnalyzer features tight integration with TaaSERA's new Attacker Intelligence Feed </description><link>http://www.secuobs.com/revue/news/441908.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441908.shtml</guid></item>
<item><title>TaaSERA's Malware Feed Detects Increased Botnets Connected To Russian Business Network</title><description>2013-04-25 19:31:29 - Dark Reading   All Stories : TaaS NetAnalyzer features tight integration with TaaSERA's new Attacker Intelligence Feed </description><link>http://www.secuobs.com/revue/news/441871.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441871.shtml</guid></item>
<item><title>Digging Through an  Administrative Network Stressor  Provider's Database</title><description>2013-04-25 17:21:55 - DDoS and Security Reports  Arbor Networks Security Blog   2013 : On March 15, 2013, Brian Krebs of Krebs on Security wrote "The World Has No Room For Cowards". In it, he writes a fascinating story about a DDoS attack against his site and also a physical attack against his person. The part where Krebs notes that   there are strong indications that a site named    </description><link>http://www.secuobs.com/revue/news/441830.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441830.shtml</guid></item>
<item><title>Tenable Network Security Podcast Episode 166    Nessus 52 New Features </title><description>2013-04-25 00:36:51 - Security Bloggers Network :  </description><link>http://www.secuobs.com/revue/news/441686.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441686.shtml</guid></item>
<item><title>Barracuda Networks Rolls Out New Version Of NG Firewall</title><description>2013-04-24 23:27:03 - Dark Reading   All Stories : Release 54 adds SSL inspection and granular detection of standard and user-defined applications </description><link>http://www.secuobs.com/revue/news/441671.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441671.shtml</guid></item>
<item><title>VSS Monitoring Offers New Network Packet Broker Platforms</title><description>2013-04-24 23:27:03 - Dark Reading   All Stories : vBroker NPB system provides advanced traffic filtering, packet optimization, and offloading of unnecessary processing </description><link>http://www.secuobs.com/revue/news/441670.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441670.shtml</guid></item>
<item><title>Stéphane Saad, Pradeo Networks: the future of our company depends on its international development</title><description>2013-04-24 21:48:46 - Global Security Mag Online : As part of its expansion strategy, Pradeo Networks has chosen to take part in Infosecurity UK for the first time. On this occasion, the company is highlighting its patented Trust Revealing process, a behavioural analysis engine that examines mobile applications before they are installed on smartphones and tablets. For Stéphane Saad, marketing director of Pradeo Networks, international development is strategic for the future of his company. GS Mag: This is the first time that    - International   featured, INFOSEC 13 </description><link>http://www.secuobs.com/revue/news/441651.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441651.shtml</guid></item>
<item><title>Joy of Tech, Planet Earth's Social Network</title><description>2013-04-24 20:31:59 - Security Bloggers Network : via the comic genius of Nitrozac and Snaggy at The Joy of Tech    </description><link>http://www.secuobs.com/revue/news/441634.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441634.shtml</guid></item>
<item><title>An Emerson Network Power study reveals that only one CIO in four identifies as a strategist or a catalyst for change</title><description>2013-04-24 11:33:46 - Global Security Mag Online : A new report from Emerson Network Power, a business of Emerson, reveals that nearly half of CIOs see themselves as IT service providers or cost centres rather than as business innovators or catalysts for change. The constraint of staying up to date with new technologies is, on its own, an obstacle to keeping pace with the rapid development of the information age. The report, titled "The CIO of the Future: Becoming a Catalyst for Change", also emphasises    - Investigations </description><link>http://www.secuobs.com/revue/news/441471.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441471.shtml</guid></item>
<item><title>Zeus FaaS Comes to a Social Network Near You</title><description>2013-04-24 01:58:59 - Security Bloggers Network : A recent discovery by RSA researchers shows a new FaaS offering that is being marketed directly via a popular social network. The sale item: a customized botnet panel programmed to work with the Zeus Trojan, both reworked by what appears to be an Indonesian-speaking malware developer. Beyond having compiled a working Zeus Trojan kit, the developer customized an attractive control panel for the admin (basic and familiar in functionality, and taken from previous Zeus versions), the developer and his team created a demo website for potential buyers, which they have no qualms about sharing publicly, and best of all a Facebook page with frequent updates and information about botnets, exploits, cybercrime, and their own product (Zeus v 12101) </description><link>http://www.secuobs.com/revue/news/441414.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441414.shtml</guid></item>
<item><title>Network Security Podcast, Episode 310</title><description>2013-04-24 01:09:16 - Network Security Blog : After a hectic couple of weeks (conferences, travel, and city-wide lockdowns) recovery is sorely needed, but we push through a relatively lively show with a teaser for a bigger debate/discussion slated for next week. And somehow the podcast just keeps getting a little longer every week. Network Security Podcast, Episode 310, April 23, 2013    </description><link>http://www.secuobs.com/revue/news/441408.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441408.shtml</guid></item>
<item><title>Bogus ad network marks new twist on Android malware</title><description>2013-04-23 20:44:44 - Network World on Security : In a clever twist to Android malware, cybercriminals posing as an ad network were able to fool Google Play and have their malware-distributing framework downloaded millions of times through dozens of apps </description><link>http://www.secuobs.com/revue/news/441362.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441362.shtml</guid></item>
<item><title>Botnets target social networks with spam</title><description>2013-04-23 15:02:08 - Network World on Security : Life for a phony profile on Twitter may be short, but it isn't deterring spammers from continuing to work their scams on social networkers, says one security researcher </description><link>http://www.secuobs.com/revue/news/441269.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/441269.shtml</guid></item>
<item><title>Qualys and FireMon enable real-time network risk visibility</title><description>2013-04-22 12:16:38 - Help Net Security   News : Qualys and FireMon announced the integration of QualysGuard Vulnerability Management (VM) and FireMon Security Manager with Risk Analyzer in FireMon's upcoming 70 release. This enables customers </description><link>http://www.secuobs.com/revue/news/440946.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440946.shtml</guid></item>
<item><title>Jaguar Network wins the Trophée de l'Emploi (Employment Trophy), ICT category</title><description>2013-04-22 11:58:31 - Global Security Mag Online : The hosting provider and telecom operator, which has seen very strong growth for several years, was recognized for its dynamism in favour of employment at the 18th Trophées de l'Emploi awards ceremony. The ceremony took place at the Faculté de la Timone, under the high patronage of the Ministries of Employment, Higher Education and Research. With the assistance of URSSAF, some 300 companies were shortlisted. A jury then deliberated to select the 4 nominees from among 50    - Business </description><link>http://www.secuobs.com/revue/news/440943.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440943.shtml</guid></item>
<item><title>Jaguar Network wins the Trophée de l'Emploi (Employment Trophy), ICT category</title><description>2013-04-22 09:36:27 - Global Security Mag Online : The hosting provider and telecom operator, which has seen very strong growth for several years, was recognized for its dynamism in favour of employment at the 18th Trophées de l'Emploi awards ceremony. The ceremony took place at the Faculté de la Timone, under the high patronage of the Ministries of Employment, Higher Education and Research. With the assistance of URSSAF, some 300 companies were shortlisted. A jury then deliberated to select the 4 nominees from among 50    - Business </description><link>http://www.secuobs.com/revue/news/440921.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440921.shtml</guid></item>
<item><title>Hacking Wi-Fi Networks with Fern, Kali and a Raspberry Pi</title><description>2013-04-21 17:11:59 - CYBER ARMS   Computer Security : Wouldn't it be cool to be able to test wireless network security using your Raspberry Pi? Well, thanks to Kali Linux, you can! With Kali you can scan for Wi-Fi networks and even perform active penetration testing using your $35 Raspberry Pi. I just finished up another article for Hakin9 Magazine, and it should be    </description><link>http://www.secuobs.com/revue/news/440860.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440860.shtml</guid></item>
<item><title>Crypto 2012 - Substitution-Permutation Networks, Pseudorandom Functions, and Natural Proofs</title><description>2013-04-21 02:54:20 - SecurityTube.Net : Slide - http://www.iacr.org/conferences/crypto2012/slides/1-5-Miles.pdf This paper takes a new step towards closing the troubling gap between pseudorandom functions (PRF) and their popular, bounded-input-length counterparts. This gap is both quantitative, because these counterparts are more efficient than PRF in various ways, and methodological, because these counterparts usually fit in the substitution-permutation network paradigm (SPN), which has not been used to construct PRF. We give several candidate PRF F_i that are inspired by the SPN paradigm. This paradigm involves a "substitution function" (S-box). Our main candidates are: 1. F_1 : {0,1}^n -> {0,1}^n is an SPN whose S-box is a random function on b bits, given as part of the seed. We prove unconditionally that F_1 resists attacks that run in time at most 2^{Omega(b)}. Setting b = omega(log n) we obtain an inefficient PRF, which however seems to be the first such construction using the SPN paradigm. 2. F_2 : {0,1}^n -> {0,1}^n is an SPN where the S-box is "patched" field inversion, a common choice in practical constructions. F_2 is computable with Boolean circuits of size n * log^{O(1)} n, and in particular with seed length n * log^{O(1)} n. We prove that this candidate has exponential security 2^{Omega(n)} against linear and differential cryptanalysis. 3. F_3 : {0,1}^n -> {0,1} is a non-standard variant on the SPN paradigm, where "states" grow in length. F_3 is computable with size n^{1+eps}, for any eps > 0, in the restricted circuit class TC0 of unbounded fan-in majority circuits of constant depth. We prove that F_3 is almost 3-wise independent. 4. F_4 : {0,1}^n -> {0,1} uses an extreme setting of the SPN parameters (one round, one S-box, no diffusion matrix). The S-box is again "patched" field inversion. We prove that this candidate is a small-bias generator (for tests of weight up to 2^{0.9n}). Assuming the security of our candidates, our work also narrows the gap between the "Natural Proofs barrier" (Razborov, Rudich; JCSS '97) and existing lower bounds, in three models: unbounded-depth circuits, TC0 circuits, and Turing machines. In particular, the efficiency of the circuits computing F_3 is related to a result by Allender and Koucky (JACM '10) who show that a lower bound for such circuits would imply a lower bound for TC0. </description><link>http://www.secuobs.com/revue/news/440829.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440829.shtml</guid></item>
<item><title>Machine Learning Susses Out Social-Network Fraud</title><description>2013-04-20 04:13:53 - Dark Reading   All Stories : Machine learning techniques can be used to detect fraud and spies on social networks based on certain features, such as the number of followers and the number of devices used to access the network </description><link>http://www.secuobs.com/revue/news/440753.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440753.shtml</guid></item>
<item><title>RasPi Guide To Direct Network Connection  piday  raspberrypi  Raspberry_Pi</title><description>2013-04-19 22:45:15 - adafruit industries blog : Handy! RasPi Guide To Direct Network Connection from Meltwater's Raspberry Pi Hardware Blog: No keyboard or screen available for your Raspberry Pi, but you have a laptop? There are often times when an HDMI monitor is not available to use with your Raspberry Pi. In those circumstances it can be very useful to remote connect using    </description><link>http://www.secuobs.com/revue/news/440712.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440712.shtml</guid></item>
<item><title>Anonymous  DDoS Attack Against Israel Leverages Botnet Network</title><description>2013-04-19 16:37:27 - Security Bloggers Network : Botnets were responsible for the recent cyber attack aimed at Israel, according to a review of the incident from Trend Micro. On April 7, the hacktivist group Anonymous reportedly began a targeted Distributed Denial of Service (DDoS) campaign against various Israeli websites in retaliation for the country's policies towards Hamas and subsequent attacks on the Gaza Strip. Despite apparent Israeli   Read more </description><link>http://www.secuobs.com/revue/news/440633.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440633.shtml</guid></item>
<item><title>A10 Networks chosen by M6 Web to optimize its Web application architecture</title><description>2013-04-17 21:26:38 - Global Security Mag Online : A10 Networks announces that its AX Series solution has been chosen by M6 Web, the digital subsidiary of Groupe M6. Details: M6 Web supports the brands and channels of the M6 group in their development on new screens (PC, IPTV, tablets, smartphones) with innovative content offerings such as M6 Replay, the catch-up TV service, and the delivery of more than 45 million videos each month. M6 Web also publishes a suite of themed sites, leaders in their category: clubic.com,    - Markets </description><link>http://www.secuobs.com/revue/news/440179.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440179.shtml</guid></item>
<item><title>Insider Threats And Employee-Owned Devices Identified as the Greatest Risks In The State of Network Security 2013 Survey</title><description>2013-04-17 20:35:08 - Dark Reading   All Stories : New findings from network security management provider AlgoSec also indicate poor change management processes lead to network and application outages </description><link>http://www.secuobs.com/revue/news/440174.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440174.shtml</guid></item>
<item><title>Examining The State of Network Security 2013 Survey Findings</title><description>2013-04-17 17:36:28 - Security Bloggers Network : Yesterday we announced the findings from our second annual  State of Network Security  survey, which we conducted to identify and analyze current and trending security risks and operational challenges In our 2013 findings, manual, time-consuming processes and change management issues have a major impact on both security and operations We've </description><link>http://www.secuobs.com/revue/news/440036.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440036.shtml</guid></item>
<item><title>Tenable Network Security Podcast Episode 165    New VMware Configuration Audits </title><description>2013-04-17 15:57:31 - Security Bloggers Network :  </description><link>http://www.secuobs.com/revue/news/440012.shtml</link><guid isPermaLink="false">http://www.secuobs.com/revue/news/440012.shtml</guid></item>

 </channel>
</rss>
