Contribuez à SecuObs en envoyant des bitcoins ou des dogecoins.
Nouveaux articles (fr): 1pwnthhW21zdnQ5WucjmnF3pk9puT5fDF
Amélioration du site: 1hckU85orcGCm8A9hk67391LCy4ECGJca

Contribute to SecuObs by sending bitcoins or dogecoins.

Chercher :
Newsletter :  


Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs





Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- USBsploit
- Commentaires


Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs


Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques


RSS/XML :
- Articles
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter


RSS SecuObs :
- sécurité
- exploit
- windows
- attaque
- outil
- microsoft


RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network


RSS Videos :
- curit
- security
- biomet
- metasploit
- biometric
- cking


RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco


RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques


RSS OPML :
- Français
- International











Revue de presse francophone :
- Appaloosa AppDome nouent un partenariat pour accompagner les entreprises dans le déploiement et la protection des applications mobiles
- D-Link offre une avec un routeur VPN sans fil AC
- 19 mai Paris Petit-Déjeuner Coreye Développer son business à l'abri des cyberattaques
- POYNTING PRESENTE LA NOUVELLE ANTENNE OMNI-291, SPECIALE MILIEU MARITIME, CÔTIER ET MILIEU HUMIDE
- Flexera Software Les utilisateurs français de PC progressent dans l'application de correctifs logiciels, mais des défis de tailles subsistent
- Riverbed lance SD-WAN basé sur le cloud
- Fujitsu multi-récompensé VMware lui décerne plusieurs Partner Innovation Awards à l'occasion du Partner Leadership Summit
- Zscaler Private Access sécuriser l'accès à distance en supprimant les risques inhérents aux réseaux privés virtuels
- QNAP annonce la sortie de QTS 4.2.1
- Une enquête réalisée par la société de cyber sécurité F-Secure a décelé des milliers de vulnérabilités graves, potentiellement utilisables par des cyber criminels pour infiltrer l'infrastru
- Trouver le juste équilibre entre une infrastructure dédiée et cloud le dilemme de la distribution numérique
- 3 juin - Fleurance - Cybersécurité Territoires
- Cyber-assurances Seules 40 pourcents des entreprises françaises sont couvertes contre les violations de sécurité et les pertes de données
- Des étudiants de l'ESIEA inventent CheckMyHTTPS un logiciel qui vérifie que vos connexions WEB sécurisées ne sont pas interceptées
- Les produits OmniSwitch d'Alcatel-Lucent Enterprise ALE gagnent en sécurité pour lutter contre les cyber-attaques modernes

Dernier articles de SecuObs :
- DIP, solution de partage d'informations automatisée
- Sqreen, protection applicative intelligente de nouvelle génération
- Renaud Bidou (Deny All): "L'innovation dans le domaine des WAFs s'oriente vers plus de bon sens et d'intelligence, plus de flexibilité et plus d'ergonomie"
- Mises à jour en perspective pour le système Vigik
- Les russes ont-ils pwn le système AEGIS ?
- Le ministère de l'intérieur censure une conférence au Canada
- Saut d'air gap, audit de firmware et (in)sécurité mobile au programme de Cansecwest 2014
- GCHQ: Le JTRIG torpille Anonymous qui torpille le JTRIG (ou pas)
- #FIC2014: Entrée en territoire inconnu
- Le Sénat investit dans les monnaies virtuelles

Revue de presse internationale :
- VEHICLE CYBERSECURITY DOT and Industry Have Efforts Under Way, but DOT Needs to Define Its Role in Responding to a Real-world Attack
- Demand letter served on poll body over disastrous Comeleak breach
- The Minimin Aims To Be The Simplest Theremin
- Hacking group PLATINUM used Windows own patching system against it
- Hacker With Victims in 100 Nations Gets 7 Years in Prison
- HPR2018 How to make Komboucha Tea
- Circuit Bender Artist bends Fresnel Lens for Art
- FBI Director Suggests iPhone Hacking Method May Remain Secret
- 2016 Hack Miami Conference May 13-15, 2016
- 8-bit Video Wall Made From 160 Gaming Keyboards
- In An Era Of Decline, News Sites Can t Afford Poor Web Performance
- BeautifulPeople.com experiences data breach 1m affected
- Swedish Air Space Infringed, Aircraft Not Required
- Why cybercriminals attack healthcare more than any other industry
- Setting the Benchmark in the Network Security Forensics Industry

Annuaire des videos
- FUZZING ON LINE PART THREE
- Official Maltego tutorial 5 Writing your own transforms
- Official Maltego tutorial 6 Integrating with SQL DBs
- Official Maltego tutorial 3 Importing CSVs spreadsheets
- install zeus botnet
- Eloy Magalhaes
- Official Maltego tutorial 1 Google s websites
- Official Maltego tutorial 4 Social Networks
- Blind String SQL Injection
- backdoor linux root from r57 php shell VPS khg crew redc00de
- How To Attaque Pc With Back Track 5 In Arabique
- RSA Todd Schomburg talks about Roundup Ready lines available in 2013
- Nessus Diagnostics Troubleshooting
- Panda Security Vidcast Panda GateDefender Performa Parte 2 de 2
- MultiPyInjector Shellcode Injection

Revue Twitter
- RT @fpalumbo: Cisco consistently leading the way ? buys vCider to boost its distributed cloud vision #CiscoONE
- @mckeay Looks odd... not much to go on (prob some slideshow/vid app under Linux)
- [SuggestedReading] Using the HTML5 Fullscreen API for Phishing Attacks
- RT @BrianHonan: Our problems are not technical but cultural. OWASP top 10 has not changed over the years @joshcorman #RSAC
- RT @mikko: Wow. Apple kernels actually have a function called PE_i_can_has_debugger:
- [Blog Spam] Metasploit and PowerShell payloads
- PinkiePie Strikes Again, Compromises Google Chrome in Pwnium Contest at Hack in the Box: For the second time thi...
- @mikko @fslabs y'all wldn't happen to have lat/long data sets for other botnets, wld you? Doing some research (free/open info rls when done)
- RT @nickhacks: Want to crash a remote host running Snow Leopard? Just use: nmap -P0 -6 --script=targets-ipv6-multicast-mld #wishiwaskidding
- An inexpensive proxy service called is actually a front for #malware distribution -

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse

Annuaires des videos : curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit

+ de mots clés pour les videos

Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter

Top bi-hebdo des articles de SecuObs
- [Ettercap – Partie 2] Ettercap par l'exemple - Man In the Middle et SSL sniffing
- [Infratech - release] version 0.6 de Bluetooth Stack Smasher
- [IDS Snort Windows – Partie 2] Installation et configuration
- [Infratech - vulnérabilité] Nouvelle version 0.8 de Bluetooth Stack Smasher
- Mises à jour en perspective pour le système Vigik
- USBDumper 2 nouvelle version nouvelles fonctions !
- EFIPW récupère automatiquement le mot de passe BIOS EFI des Macbook Pro avec processeurs Intel
- La sécurité des clés USB mise à mal par USBDUMPER
- Une faille critique de Firefox expose les utilisateurs de Tor Browser Bundle
- Installation sécurisée d'Apache Openssl, Php4, Mysql, Mod_ssl, Mod_rewrite, Mod_perl , Mod_security

Top bi-hebdo de la revue de presse
- StackScrambler and the Tale of a Packet Parsing Bug

Top bi-hebdo de l'annuaire des videos
- DC++ Botnet. How To DDos A Hub With Fake IPs.
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- Defcon 14 Hard Drive Recovery Part 3

Top bi-hebdo de la revue Twitter
- RT @secureideas: I believe that all the XSS flaws announced are fixed in CVS. Will test again tomorrow if so, release 1.4.3. #BASESnort
- Currently, we do not support 100% of the advanced PDF features found in Adobe Reader... At least that's a good idea.
- VPN (google): German Foreign Office Selects Orange Business for Terrestrial Wide: Full
- @DisK0nn3cT Not really, mostly permission issues/info leak...they've had a couple of XSS vulns but nothing direct.
- Swatting phreaker swatted and heading to jail: A 19-year-old American has been sentenced to eleven years in pris..
- RT @fjserna You are not a true hacker if the calc.exe payload is not the scientific one... infosuck.org/0x0035.png

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- [IDS Snort Windows – Partie 1] Introduction aux IDS et à SNORT
- Origami pour forger, analyser et manipuler des fichiers PDF malicieux

Les Tweets pour jeremiahg

Si vous voulez bloquer un compte Twitter ou nous en proposer un

Menu > Elements de la revue Twitter : - l'ensemble [tous] - par mots clé [tous] - par compte [tous] - le tagwall [voir]

S'abonner au fil RSS global de la revue Twitter


Suivants


Les Tweets filtrés pour "jeremiahg" (2044 résultats)
S'abonner au fil RSS SecuObs pour le compte Twitter jeremiahg


[2012-10-10] - 05:31:04 - Using the HTML5 Fullscreen API for Phishing Attacks http://t.co/OAKFjKAq oh damn! that looks really good!

[2012-10-09] - 07:56:22 - I'm hangin' out at #HITB2012KUL with Paul Vixie John Draper (aka Captain Crunch). Wonder if they know what XSS is. ;)

[2012-10-06] - 12:59:37 - The timing of all this DNT controversy could not be better for my HiTB preso http://t.co/uXRYFWC3

[2012-10-06] - 12:59:37 - My PoC code is uses nothing but Perl for the back-end and Javascript / Dojo Toolkit for the front-end. Returning to my WebDev roots! ;)

[2012-10-05] - 07:55:48 - RT @Jabra: @kjhiggins logic flaws, design flaws and misconfigurations are better than 0days IMO. 0days have a limited lifespan. +1

[2012-10-04] - 12:30:42 - RT @appsecusa: 58 sessions, 3 keynotes and 144 hours of training at OWASP AppSec USA - http://t.co/GpwAutq5 + quality over quantity.

[2012-10-03] - 21:28:46 - RT @biosshadow: ?@ethicalhack3r: Analysis of Dom Xss vuln in a Facebook Like Button - http://t.co/8ZafJJ3S

[2012-10-03] - 21:28:46 - RT @pdp: Anyone can recommend public incidents/hacks which involved a XSS vulnerability? Twitter worm, Samy worm, http://t.co/Gr2uNrBQ

[2012-10-03] - 21:28:46 - RT @csima: Ugh webinspect sucks. Where's the innovation?! HP and innovation don't exactly mix, but of course you knew that already.

[2012-10-02] - 17:37:32 - Netcraft's SSL Survey found 2.3 million distinct, valid 3rd-party certs being used by HTTPS websites in Oct. http://t.co/ShcB9KJ0

[2012-10-02] - 09:49:53 - @scarybeasts Yes. Browsers stop allowing websites on non-RFC 1918 networks from issuing requests to RFC-1918 hosts. Kills off CSRF attack.

[2012-10-02] - 09:49:53 - @fcassia does the router not control all the network routes? whatever your DNS resolves to, the router can MiTM whatever correct?

[2012-09-27] - 21:51:04 - New Java Vuln Found Affecting ver 5, 6, 7 SE http://t.co/QRoJPjzj I once had a concept called 'painful disclosure'...

[2012-09-27] - 21:51:04 - ?apparently its being used against Sun. 0day a software product. Watch vendor run around for a while. When they patch, drop another, repeat.

[2012-09-27] - 21:51:04 - RT @scarybeasts: @jeremiahg I don't see any 0day actually dropped. Assuming I didn't miss anything, that would turn the whole exercise i ...

[2012-09-27] - 21:51:04 - RT @robertauger: Are Java 0day's even news anymore? #java ahaha. just the mornings given.

[2012-09-27] - 21:51:04 - @ericwheeler ...end of a free Internet and a crippling blow to the tech industry? Well, Im impressed. DNT could do what DDoS never could!

[2012-09-27] - 21:51:04 - RT @WeldPond: Bypass IE XSS filters (translated from Japanese) http://t.co/P3zBfZ0F HT @_wirepair

[2012-09-27] - 21:51:04 - IMHO, if a system suffers a disruption due to DDoS, that's a strong indication that it could not be easily hacked directly.

[2012-09-27] - 21:51:04 - Vandals break into congressman's office, install Linux on PCs http://t.co/iKNYkS8d cmon, this story can't be real

[2012-09-27] - 21:51:04 - @jerryhoff rocks it w/ another great OWASP Tutorial video. This time, its all about Strict Transport Security http://t.co/8tC5lgR9

[2012-09-22] - 05:56:41 - RT @RSnake: Finally got around to donating XSS cheat sheet to @OWASP http://t.co/YzTEL9MJ now if only combined: http://t.co/RpCRPbmN

[2012-09-20] - 05:34:23 - Though SDL advocates have shown the cost benefits of catching vulns before apps go live http://t.co/lASz52nL they have?

[2012-09-20] - 05:34:23 - My Pwn2Own wish is for the organizers to target A/V software in addition to OS's and Web browsers next year.

[2012-09-20] - 05:34:23 - @scarybeasts hahah, tell ya what. If this launches, I'll personally put up the first $1,000 for an A/V pwn2own bounty.

[2012-09-20] - 05:34:23 - ?Do Not Track?: Google Chrome Joins In http://t.co/FzogsISC I'm impressed. never thought we'd see it.

[2012-09-20] - 05:34:23 - RT @scarybeasts: Ok, $1k of mine too :) For max lulz / impact, challenge is: demo Chrome pwn _introed_ by AV install. oh, that's good!

[2012-09-19] - 06:09:01 - Want to vote in the upcoming OWASP Board election? Then you MUST register or apply for Honorary Membership by Sep 30th http://t.co/MNGYmddE

[2012-09-18] - 07:36:42 - RT @WeldPond: Phonetic attack commands crash bank phone lines. Blind SQLi buffer overflows http://t.co/UPQ0evjz HT @_wirepair

[2012-09-17] - 11:37:01 - @dguido @agelastic XSS is not so much about dataloss. Recall the million profiles infected by the MySpace worm, or one of the Twitter worms.

[2012-09-17] - 11:37:01 - @agelastic @dguido true for worms, but reflected XSS also used for acct takeover. PayPal: http://t.co/hp3Xse1F Apache: http://t.co/oIhoAlNp

[2012-09-17] - 11:37:01 - @dguido @agelastic trying to convey canary in the coal mine. I dont think we should have to wait until the mass hacks come to clean up xss.

[2012-09-17] - 11:37:01 - @agelastic @dguido IMHO, attackers shift to whatever is easiest. Still enough SQLi for attackers to mostly ignore other web-based vulns.

[2012-09-17] - 11:37:01 - @biosshadow con is a strong word. perhaps those infosec vendors are as equally uninformed as their customers.

[2012-09-16] - 23:06:50 - @rasmus XSS in the CSP? Not sure I follow...

[2012-09-16] - 23:06:50 - @dakami didn't DEVs make that jump from C/C++ to [memory] managed languages like C# Java? security was taken care of for them.

[2012-09-16] - 23:06:50 - @0x6D6172696F OTOH, making sure webapps have no CSRF, XSS, etc is extremely expensive. Perhaps managing default-deny CSP is cheaper.

[2012-09-15] - 07:04:33 - @_Joe_Davis_ when CAPTCHA is not an option, alternatives are out-of-band confirmation. Like email or SMS. Or in-band w/ password submission.

[2012-09-14] - 21:11:43 - @BrendanEich as an attacker, ideally I want all of them. technically you cant get 'all' in Chrome, but you can test for hundreds in moments.

[2012-09-14] - 21:11:43 - In IE, a website can detect what browser is set to default (via document.mimeType). Cant find a way to apply technique to Chrome/Firefox.

[2012-09-14] - 09:27:41 - New blog post: CRIME, MiTM, and XSS http://t.co/36SDEr5h I think I got all the details right. Highly nuanced area of Web security.

[2012-09-14] - 09:27:41 - Just installed the latest version of Apache (2.4.3). What do I find in the httpd.conf? BrowserMatch MSIE 10.0; bad_DNT

[2012-09-14] - 09:27:41 - RT @gepeto42: @jeremiahg yep. 1999 me wouldn?t believe this(MS enabling DNT, Apache fighting it as it?s not user selected) twilight zone

[2012-09-14] - 09:27:41 - Interesting. In Chrome a web page can detect what extensions, like AdBlock, a user has added using the chrome-extension:// trick.

[2012-09-13] - 23:47:49 - Crack in Internet's foundation of trust allows HTTPS session hijacking http://t.co/VjulZjtZ I read the 1st line and thought, XSS!

[2012-09-13] - 23:47:49 - If an attacker wants to MitM a user on an https connection, there two option for html injection:

[2012-09-13] - 23:47:49 - 1) Inject JS in any non-ssl requests sent to that domain. 2) locate an xss in the target, exploit via iframe, inject in ANY non-ssl request.

[2012-09-13] - 23:47:49 - @julianor need to double-check. with respect to CRIME, must the attacker be positioned on the network in order to sniff / mitm the user?

[2012-09-13] - 11:33:59 - I'm also strangely curious what these new rules are going to be. Anyone want to bet they are going to start with firewalls and anti-virus?

[2012-09-12] - 06:45:13 - Netcraft Sep 2012 Web Server Survey: 620,132,319 sites http://t.co/UvBuIbDp Amazon dubbed world's largest hosting location

[2012-09-12] - 06:45:13 - @0xcharlie We want the iPhone5 zero-day now! We don't want to hear your excuse that it's not out until the end of the year.

[2012-09-11] - 10:33:21 - Apache webserver updated to ignore Do Not Track settings in IE 10 http://t.co/0RMbP00B this ongoing 'fight' is sooooo much fun to watch


Suivants


S'abonner au fil RSS global de la revue Twitter

Menu > Elements de la revue Twitter : - l'ensemble [tous] - par mots clé [tous] - par compte [tous] - le tagwall [voir]




SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :