Contribuez à SecuObs en envoyant des bitcoins ou des dogecoins.
Nouveaux articles (fr): 1pwnthhW21zdnQ5WucjmnF3pk9puT5fDF
Amélioration du site: 1hckU85orcGCm8A9hk67391LCy4ECGJca
Tips: DLovLUzkYsFNbAT5xwewQ6BAWztH4MtDgn

Contribute to SecuObs by sending bitcoins or dogecoins.
New content (en): 1pwnwwLjiu8U6jgqEchPXibM2dJA2CqQq
New website: 1hckU85orcGCm8A9hk67391LCy4ECGJca

44i3VeDHHoL5U6cULcgP6gPWw4p2oCoSGZXepBSDV42mGuLpuSbn5Kh3uGJ8Z9YqkaRwbQqq8op4nShvptRMByNxQFfBvVd
Chercher :
Newsletter :  

Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs




Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- USBsploit
- Commentaires

Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs

Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

RSS/XML :
- Articles
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter

RSS SecuObs :
- sécurité
- exploit
- windows
- attaque
- outil
- microsoft

RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network

RSS Videos :
- curit
- security
- biomet
- metasploit
- biometric
- cking

RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco

RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

RSS OPML :
- Français
- International



Revue de presse francophone :
- Appaloosa AppDome nouent un partenariat pour accompagner les entreprises dans le déploiement et la protection des applications mobiles
- D-Link offre une avec un routeur VPN sans fil AC
- 19 mai Paris Petit-Déjeuner Coreye Développer son business à l'abri des cyberattaques
- POYNTING PRESENTE LA NOUVELLE ANTENNE OMNI-291, SPECIALE MILIEU MARITIME, CÔTIER ET MILIEU HUMIDE
- Flexera Software Les utilisateurs français de PC progressent dans l'application de correctifs logiciels, mais des défis de tailles subsistent
- Riverbed lance SD-WAN basé sur le cloud
- Fujitsu multi-récompensé VMware lui décerne plusieurs Partner Innovation Awards à l'occasion du Partner Leadership Summit
- Zscaler Private Access sécuriser l'accès à distance en supprimant les risques inhérents aux réseaux privés virtuels
- QNAP annonce la sortie de QTS 4.2.1
- Une enquête réalisée par la société de cyber sécurité F-Secure a décelé des milliers de vulnérabilités graves, potentiellement utilisables par des cyber criminels pour infiltrer l'infrastru
- Trouver le juste équilibre entre une infrastructure dédiée et cloud le dilemme de la distribution numérique
- 3 juin - Fleurance - Cybersécurité Territoires
- Cyber-assurances Seules 40 pourcents des entreprises françaises sont couvertes contre les violations de sécurité et les pertes de données
- Des étudiants de l'ESIEA inventent CheckMyHTTPS un logiciel qui vérifie que vos connexions WEB sécurisées ne sont pas interceptées
- Les produits OmniSwitch d'Alcatel-Lucent Enterprise ALE gagnent en sécurité pour lutter contre les cyber-attaques modernes

Dernier articles de SecuObs :
- DIP, solution de partage d'informations automatisée
- Sqreen, protection applicative intelligente de nouvelle génération
- Renaud Bidou (Deny All): "L'innovation dans le domaine des WAFs s'oriente vers plus de bon sens et d'intelligence, plus de flexibilité et plus d'ergonomie"
- Mises à jour en perspective pour le système Vigik
- Les russes ont-ils pwn le système AEGIS ?
- Le ministère de l'intérieur censure une conférence au Canada
- Saut d'air gap, audit de firmware et (in)sécurité mobile au programme de Cansecwest 2014
- GCHQ: Le JTRIG torpille Anonymous qui torpille le JTRIG (ou pas)
- #FIC2014: Entrée en territoire inconnu
- Le Sénat investit dans les monnaies virtuelles

Revue de presse internationale :
- VEHICLE CYBERSECURITY DOT and Industry Have Efforts Under Way, but DOT Needs to Define Its Role in Responding to a Real-world Attack
- Demand letter served on poll body over disastrous Comeleak breach
- The Minimin Aims To Be The Simplest Theremin
- Hacking group PLATINUM used Windows own patching system against it
- Hacker With Victims in 100 Nations Gets 7 Years in Prison
- HPR2018 How to make Komboucha Tea
- Circuit Bender Artist bends Fresnel Lens for Art
- FBI Director Suggests iPhone Hacking Method May Remain Secret
- 2016 Hack Miami Conference May 13-15, 2016
- 8-bit Video Wall Made From 160 Gaming Keyboards
- In An Era Of Decline, News Sites Can t Afford Poor Web Performance
- BeautifulPeople.com experiences data breach 1m affected
- Swedish Air Space Infringed, Aircraft Not Required
- Why cybercriminals attack healthcare more than any other industry
- Setting the Benchmark in the Network Security Forensics Industry

Annuaire des videos
- FUZZING ON LINE PART THREE
- Official Maltego tutorial 5 Writing your own transforms
- Official Maltego tutorial 6 Integrating with SQL DBs
- Official Maltego tutorial 3 Importing CSVs spreadsheets
- install zeus botnet
- Eloy Magalhaes
- Official Maltego tutorial 1 Google s websites
- Official Maltego tutorial 4 Social Networks
- Blind String SQL Injection
- backdoor linux root from r57 php shell VPS khg crew redc00de
- How To Attaque Pc With Back Track 5 In Arabique
- RSA Todd Schomburg talks about Roundup Ready lines available in 2013
- Nessus Diagnostics Troubleshooting
- Panda Security Vidcast Panda GateDefender Performa Parte 2 de 2
- MultiPyInjector Shellcode Injection

Revue Twitter
- RT @fpalumbo: Cisco consistently leading the way ? buys vCider to boost its distributed cloud vision #CiscoONE
- @mckeay Looks odd... not much to go on (prob some slideshow/vid app under Linux)
- [SuggestedReading] Using the HTML5 Fullscreen API for Phishing Attacks
- RT @BrianHonan: Our problems are not technical but cultural. OWASP top 10 has not changed over the years @joshcorman #RSAC
- RT @mikko: Wow. Apple kernels actually have a function called PE_i_can_has_debugger:
- [Blog Spam] Metasploit and PowerShell payloads
- PinkiePie Strikes Again, Compromises Google Chrome in Pwnium Contest at Hack in the Box: For the second time thi...
- @mikko @fslabs y'all wldn't happen to have lat/long data sets for other botnets, wld you? Doing some research (free/open info rls when done)
- RT @nickhacks: Want to crash a remote host running Snow Leopard? Just use: nmap -P0 -6 --script=targets-ipv6-multicast-mld #wishiwaskidding
- An inexpensive proxy service called is actually a front for #malware distribution -

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse
Annuaires des videos : curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit

+ de mots clés pour les videos
Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter

Top bi-hebdo des articles de SecuObs
- [Ettercap – Partie 2] Ettercap par l'exemple - Man In the Middle et SSL sniffing
- [Infratech - release] version 0.6 de Bluetooth Stack Smasher
- [IDS Snort Windows – Partie 2] Installation et configuration
- [Infratech - vulnérabilité] Nouvelle version 0.8 de Bluetooth Stack Smasher
- Mises à jour en perspective pour le système Vigik
- USBDumper 2 nouvelle version nouvelles fonctions !
- EFIPW récupère automatiquement le mot de passe BIOS EFI des Macbook Pro avec processeurs Intel
- La sécurité des clés USB mise à mal par USBDUMPER
- Une faille critique de Firefox expose les utilisateurs de Tor Browser Bundle
- Installation sécurisée d'Apache Openssl, Php4, Mysql, Mod_ssl, Mod_rewrite, Mod_perl , Mod_security

Top bi-hebdo de la revue de presse
- StackScrambler and the Tale of a Packet Parsing Bug

Top bi-hebdo de l'annuaire des videos
- DC++ Botnet. How To DDos A Hub With Fake IPs.
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- Defcon 14 Hard Drive Recovery Part 3

Top bi-hebdo de la revue Twitter
- RT @secureideas: I believe that all the XSS flaws announced are fixed in CVS. Will test again tomorrow if so, release 1.4.3. #BASESnort
- Currently, we do not support 100% of the advanced PDF features found in Adobe Reader... At least that's a good idea.
- VPN (google): German Foreign Office Selects Orange Business for Terrestrial Wide: Full
- @DisK0nn3cT Not really, mostly permission issues/info leak...they've had a couple of XSS vulns but nothing direct.
- Swatting phreaker swatted and heading to jail: A 19-year-old American has been sentenced to eleven years in pris..
- RT @fjserna You are not a true hacker if the calc.exe payload is not the scientific one... infosuck.org/0x0035.png

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- [IDS Snort Windows – Partie 1] Introduction aux IDS et à SNORT
- Origami pour forger, analyser et manipuler des fichiers PDF malicieux

Les Tweets pour VUPEN
Si vous voulez bloquer un compte Twitter ou nous en proposer un

Menu > Elements de la revue Twitter : - l'ensemble [tous] - par mots clé [tous] - par compte [tous] - le tagwall [voir]
S'abonner au fil RSS global de la revue Twitter

Suivants


Les Tweets filtrés pour " VUPEN" (205 résultats)
S'abonner au fil RSS SecuObs pour le compte Twitter VUPEN


[2012-09-29] - 00:55:39 - We found a Win7 0day that transforms almost any IE vuln into a sophisticated ASLR/DEP bypass without using any Leak/ROP/Plugin. JIT? Maybe..

[2012-09-19] - 00:44:41 - Microsoft released a security advisory related to the ongoing Internet Explorer zero-day attacks. IE10 + Win8 are safe http://t.co/RALmGGsA

[2012-09-18] - 02:18:00 - IE 0day in the wild targets IE 8-7 on XP while the flaw exists in = IE9 on all Win. AntiVirus are useless as usual with a 0% detection rate

[2012-09-17] - 07:53:42 - A new 0day affecting Internet Explorer is reportedly being exploited in the wild. If you use IE, take care..or not use IE. More info shortly

[2012-09-07] - 00:24:47 - If you run a Cloud infrastructure based on Xen you didnt read our blog, don't forget to upgrade to v4.1.3 asap as the flaw is critical !

[2012-08-14] - 20:03:25 - Microsoft released security updates to fix critical vulns affecting IE, Windows, RDP, Kernel, Office, and Visio http://t.co/2NfklY9W

[2012-08-06] - 18:04:46 - Blog: Advanced Exploitation of Windows Kernel 64-Bit Sysret Vuln (MS12-042) on Win7 + Win 2008 R2 http://t.co/XKhsePuI #SharingKnowledge

[2012-07-18] - 12:22:22 - Blog: Advanced Exploitation of IE9 MSXML Uninitialized Memory MS12-043 with ASLR/DEP Bypass...using RGB colors! http://t.co/XKhsePuI

[2012-07-16] - 06:01:30 - Blog: Analysis Advanced Exploitation of our Pwn2own 2012 zeroday for IE9-Win7 with ASLR/DEP bypass http://t.co/TmfFfzOF #SharingKnowledge

[2012-07-16] - 06:01:30 - Upcoming research blog will show how we turned the recent lame 'state-sponsored' MSXML 0day into a sophisticated 'beer-sponsored' exploit!

[2012-07-07] - 20:32:10 - We confirm that a recently fixed critical Java vuln is exploited by attackers. All Win/nix/Mac with Java are at risk http://t.co/vAYjXONB

[2012-06-28] - 13:07:15 - Our next research blog will cover the analysis and advanced exploitation of the IE9 flaw on Windows 7 (ASLR/DEP bypass) we used at Pwn2own

[2012-06-26] - 22:03:42 - We're preparing a blog post on reliable exploitation of Firefox use-after-free vulns with ASLR/DEP bypass. Stay tuned...

[2012-06-26] - 22:03:42 - Blog: Advanced Exploitation of Mozilla Firefox Use-after-free Vulnerability with ASLR/DEP bypass http://t.co/XNNyH0WQ #sharing #knowledge

[2012-06-20] - 23:53:05 - Our exploits with ASLR/DEP bypass for IE MS12-037 (CVE-2012-1875 + CVE-2012-1876) are available as part of the BAES http://t.co/o0tkOrO4

[2012-06-13] - 08:28:33 - Microsoft fixed 28 vulnerabilities including our IE 0day flaw exploited at pwn2own. High-priority fixes are MS12-036 (RDP) MS12-037 (IE)

[2012-06-13] - 08:28:33 - ALERT - A 0day exploit taking advantage of an unpatched Windows / Office vuln is being exploited in the wild http://t.co/rjgC1hZD

[2012-06-12] - 14:57:16 - RT @cBekrar: Flash sandbox for Firefox is definitely much more hardened and more restrictive than Flash for Chrome-IE. Very challenging...

[2012-06-10] - 13:03:00 - Adobe Flash v11.3.300.257 for Firefox is now sandboxed like Flash for Chrome and for IE http://t.co/E1ouMvna

[2012-06-08] - 11:00:19 - Upcoming Microsoft patch day should fix our IE9 0day exploit used at Pwn2own, other fixes are for Windows Office http://t.co/wPllMSh9

[2012-05-16] - 16:57:12 - Google fixed vulns in Chrome including use-after-free memory corruptions http://t.co/WZNusNls Restart Chrome to get it updated #simple

[2012-05-08] - 08:33:39 - Apple released iOS 5.1.1 for iPhone/iPod/iPad to fix Safari/WebKit remote code execution and addr spoofing vulns http://t.co/PdQkSzh8 #iOS

[2012-05-05] - 00:40:39 - A zero-day exploit affecting Adobe Flash was discovered in the wild, emergency patch released by Adobe http://t.co/cfyIZtMI Update asap!

[2012-03-22] - 21:53:32 - Google fixed multiple code execution vulnerabilities in Chrome v17.0.963.83 http://t.co/fYW1v5H6

[2012-03-14] - 17:51:59 - Mozilla fixed critical vulns in Firefox/Thunderbird/Seamonkey, including the 0day used by competitors at pwn2own http://t.co/c4QUItpS

[2012-03-14] - 01:12:56 - IE9 0day exploit we used at pwn2own is not fixed by today's MS patches as they received the details yesterday. Expect a patch in 2-3 months

[2012-03-09] - 13:33:33 - RT @ryanaraine: Pwn2Own 2012: IE 9 hacked with two 0day vulnerabilities. My story here http://t.co/EzeUe2sj

[2012-03-09] - 13:33:33 - RT @ThreatLevel: Chrome Owned by Exploits in Hacker Contests, But Google?s $1M Purse Still Safe: Team Vupen's five members demons... htt ...

[2012-03-09] - 03:45:14 - Follow pwn2own results and points live at http://t.co/lLSFigx7 and via our friends @Pwn2Own_Contest

[2012-03-09] - 03:45:14 - Remaining CVEs we are exploiting are Firefox (heap overflow, very challenging flaw) + 2 Chrome dangling pointers (not easy at all) #pwn2own

[2012-03-09] - 03:45:14 - We are going to show a new 0day pwn in 30 minutes. Get ready for the show! #pwn2own

[2012-03-09] - 03:45:14 - IE9 on Windows 7 SP1 x64 is the second browser to fall at #pwn2own. Our exploit included two 0days to fully bypass ASLR/DEP + Protected Mode

[2012-03-08] - 19:23:40 - Day2 of #pwn2own will begin in 3 hours. Our on-site exploit dev will continue we will probably show another 0day pwn. Stay tuned!

[2012-03-08] - 04:32:12 - Google Chrome is the first browser to fall at #pwn2own 2012, we pwned it using an exploit bypassing DEP/ASLR and the sandbox ! We won 32 pts

[2012-03-08] - 04:32:12 - The #pwn2own 2012 contest includes 0day pwns + on-site exploit dev for older vulns, the aim is to create exploits as fast as possible

[2012-03-08] - 04:32:12 - The first day of #pwn2own was great, we pwned all browsers: Chrome with 0day, Firefox/IE/Safari with CVEs. Thanks all for your messages!

[2012-03-05] - 19:53:51 - Google fixed many high risk vulnerabilities in Chrome before the upcoming #pwn2own competition http://t.co/3p7yWCq1

[2012-02-15] - 19:59:56 - Oracle released a security update for Java to fix critical flaws. Install patch asap or do better: uninstall Java http://t.co/tKor6oGa

[2012-02-08] - 18:32:28 - Our exploit for Sudo local root / format string vuln with bypass of FORTIFY_SOURCE ASLR should be available to BAE customers shortly

[2012-02-08] - 18:32:28 - If you're a Gov agency attending #ISSWorld in Dubai, our offensive 0days session will be held on Tuesday (pwn all browsers file readers)

[2012-01-25] - 21:18:32 - RT @cBekrar: We're still debating internally about our participation to pwn2own. If we do, we'll bring 0Ds for IE/Chrome/Safari/Firefox ...

[2012-01-24] - 19:04:41 - Google fixed 5 vulns in Chrome including a critical use-after-free in Safe Browsing navigation allowing sandbox bypass http://t.co/rU7k68Pt

[2012-01-17] - 18:11:28 - We revealed our method to exploit MS12-004 Media Player heap overflow via IE 9/8/7/6 with ASLR/DEP bypass http://t.co/4xJZujrw #YesWeShare

[2012-01-12] - 18:51:19 - We are proudly sponsoring CanSecWest 2012. Maybe we'll pwn IE+Chrome+Firefox+Safari at pwn2own or maybe we'll not #ToKillOrNotToKill0days

[2012-01-11] - 06:27:57 - Microsoft fixed 8 vulns which could allow SafeSEH bypass, remote code execution and privilege escalation http://t.co/6i4DSMXD

[2011-12-27] - 21:44:22 - A untethered jailbreak for iOS 5.0.1 was released. It uses two exploits: one in Racoon and the other in kernel. Apple should react soon...

[2011-12-25] - 23:07:22 - A critical remote root 0day vulnerability affecting FreeBSD telnetd is being exploited in the wild. Patch now! http://t.co/XALNmUvb

[2011-12-21] - 20:12:48 - We added to our offensive exploits a new government-grade 0Day for IE 9/8/7/6 on Win7/Vista/XP with ASLR/Sandbox bypass #SophisticatedPwn

[2011-12-17] - 18:55:11 - Acrobat/Reader v9.4.7 fixes the PDF U3D 0Day. Another PDF 0day (in PRC) was also in the wild. Acro X is unpatched http://t.co/bBIMJ7UL

[2011-12-09] - 19:24:09 - Glad to see that blackhats still have their sense of humor. The PDF 0-day in the wild uses a crafted U3D labeled a pwning u3d model #0day

[2011-12-09] - 19:24:09 - The 0-day vulnerability exploited by the PDF in the wild is caused by an uninitialized memory in the rt3d.dll (3D Runtime) module #pwned

[2011-12-07] - 23:59:27 - RT @cBekrar: The Adobe PDF 0-Day sample in the wild looks like it was targeting ManTech corp, a US Gov contractor, affiliated to Lockhee ...


Suivants

S'abonner au fil RSS global de la revue Twitter
Menu > Elements de la revue Twitter : - l'ensemble [tous] - par mots clé [tous] - par compte [tous] - le tagwall [voir]




SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :