via Dark Reading: http://ubm.io/1E30yLi
vendredi 27 février 2015
5 Ways To Prepare For IoT Security Risks
via Dark Reading: http://ubm.io/1E30yLi
5 New Vulnerabilities Uncovered In SAP
via Dark Reading: http://ubm.io/1AfGldT
Black Hat Asia 2015: Target: Malware
via Dark Reading: http://ubm.io/1E30tY8
Jetty vulnerable a des attaques de type #heartbleed http://bit.ly/1E31gbm #appsec #appsecfr #lk #owasp
Jetty vulnerable a des attaques de type #heartbleed http://bit.ly/1E31gbm #appsec #appsecfr #lk #blog #owasp
— Sebastien Gioria (@SPoint) February 27, 2015
from Twitter http://bit.ly/1m3TwNH
February 27, 2015 at 10:58AM
via IFTTT
jeudi 26 février 2015
WebRTC requires Perfect Forward Secrecy (PFS) starting in Firefox 38
via Mozilla Hacks - the Web developer blog http://mzl.la/1ESxYJJ
Using Google Cloud Platform for Security Scanning
via Google Online Security Blog http://bit.ly/1and6AQ
Google Expands Pwnium Year Round With Infinite Bounty
via Darknet - The Darkside http://bit.ly/1andGyC
What Every Tech Startup Should Know About Security, Privacy, and Compliance
via SANS Information Security Reading Room http://bit.ly/1ESxi6W
12 caractères qu on vous dit !!!!! : Passwords that Pass the Test" http://bit.ly/1JPbuja #lk #appsecfr #appsec #owasp
12 caractères qu on vous dit !!!!! : Passwords that Pass the Test" http://bit.ly/1JPbuja #blog #lk #appsecfr #appsec #owasp
— Sebastien Gioria (@SPoint) February 26, 2015
from Twitter http://bit.ly/1m3TwNH
February 26, 2015 at 07:40AM
via IFTTT
Vol de données : modification de l’article 323-3 du Code pénal
via Lexing Alain Bensoussan Avocats http://bit.ly/1ESoFJP
mardi 24 février 2015
Introducing Cyber Risk Report 2015
The entire HP Security Research team is pleased to announce the release of our annual Cyber Risk Report, a recap of what mattered in 2014 and where we believe the infosecurity world is heading in 2015.
via HP Security Research Blog articles http://bit.ly/1DiasFX
lundi 23 février 2015
Une belle vulnérabilité dans #samba http://bit.ly/1w3ZFdv #appsec #appsecfr #lk #blog
Une belle vulnérabilité dans #samba http://bit.ly/1w3ZFdv #appsec #appsecfr #lk #blog
— Sebastien Gioria (@SPoint) February 23, 2015
from Twitter http://bit.ly/1m3TwNH
February 23, 2015 at 10:41PM
via IFTTT
Google assouplit les regles de divulgation des failles 0days http://bit.ly/1Bgbe97 #appsec #appsecfr #security #blog #lk
Google assouplit les regles de divulgation des failles 0days http://bit.ly/1Bgbe97 #appsec #appsecfr #security #blog #lk
— Sebastien Gioria (@SPoint) February 23, 2015
from Twitter http://bit.ly/1m3TwNH
February 23, 2015 at 10:38PM
via IFTTT
gemalto n avoue pas s être fait pirate par la nsa
http://bit.ly/1BeaZLy #gemalto n avoue pas s être fait pirate par la nsa #hack #appsec #appsecfr #blog #lk
— Sebastien Gioria (@SPoint) February 23, 2015
from Twitter http://bit.ly/1m3TwNH
February 23, 2015 at 05:08PM
via IFTTT
Verifier que votre #lenovo est ou n est pas infecte par #superfish http://bit.ly/1weSLHU #appsec #appsecfr #blog #lk
Verifier que votre #lenovo est ou n est pas infecte par #superfish http://bit.ly/1weSLHU #appsec #appsecfr #blog #lk
— Sebastien Gioria (@SPoint) February 23, 2015
from Twitter http://bit.ly/1m3TwNH
February 23, 2015 at 07:03AM
via IFTTT
100% of IoT are vulnerables http://bit.ly/1w0J5v2 #iot #appsec #appsecfr #lk #blog #security #securite
100% of IoT are vulnerables http://bit.ly/1w0J5v2 #iot #appsec #appsecfr #lk #blog #security #securite
— Sebastien Gioria (@SPoint) February 23, 2015
from Twitter http://bit.ly/1m3TwNH
February 23, 2015 at 06:56AM
via IFTTT
samedi 21 février 2015
"Lenovo accusé d’infecter ses propres PC. Le protocole sécurisé SSL aurait été atteint. (20/02/2015)" http://bit.ly/1Ge6KOy #blog
"Lenovo accusé d’infecter ses propres PC. Le protocole sécurisé SSL aurait été atteint. (20/02/2015)" http://bit.ly/1Ge6KOy #blog
— Sebastien Gioria (@SPoint) February 21, 2015
from Twitter http://bit.ly/1m3TwNH
February 21, 2015 at 09:45AM
via IFTTT
Pourquoi la securite des applications est critique
Tout est dans la phrase que l on voit la.....
La confiance dans l application dans notre économie est critique aujourd'hui.
Il n y a pas un seul endroit sans application et donc sans logiciel....
lundi 16 février 2015
OWASP SonarQube Project milestones update
6 months ago we start OWASP Sonarqube project with SonarSource. It's time to make a review of our achievements.
- We(Advens and SonarSource) start the project for Java Langage
- We have , actually, approximatively 40 rules tags OWASP Top10 in Sonarqube plugins. See : http://jira.sonarsource.com/browse/RSPEC-2588?jql=labels%20%3D%20owasp-top10
- We are in the process to have a widget for making a dashboard in Sonar.
- We have presented the project to 2 conferences (http://fr.slideshare.net/Eagle42/analyser-la-scurit-de-son-code-source-avec-sonarsource) and one other is plan in end of March.
- Last but not least, we NEED your feedback, the rules you want to implements and more.
Any contributor is highly welcome to participate to this community effort and participating is pretty easy :
- Each idea of a new potential valuable check should be sent to this project mailing list.
- Then some discussions might start to challenge the idea
- At the end of discussions, a specification of the check is created in the following JIRA project by one of the leader of this project : http://jira.sonarsource.com/browse/RSPEC.
- To suggest a rule, send as much as possible from the following list:
- description - What should be done/not done, and why
- noncompliant code example in the language of your choice
- remediation action - This can be as simple as "Don't do X."