Sécurité


Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 476

Hackers | Fabricants | Magazines | Virus / Malware



Schneier

IT Security
Erreur: Il y a un erreur avec ce flux.

TAO Security

    • Five Thoughts on the Internet Freedom League 13 septembre 2019
      In the September/October issue of Foreign Affairs magazine, Richard Clarke and Rob Knake published an article titled « The Internet Freedom League: How to Push Back Against the Authoritarian Assault on the Web, » based on their recent book The Fifth Domain. The article proposes the following:The United States and its allies and partners should stop worrying about the risk of authoritarians splitting …

    • Happy Birthday TaoSecurity.com 1 juillet 2019
      Nineteen years ago this week I registered the domain taosecurity.com:Creation Date: 2000-07-04T02:20:16ZThis was 2 1/2 years before I started blogging, so I don’t have much information from that era. I did create the first taosecurity.com Web site shortly thereafter.I first started hosting it on space provided by my then-ISP, Road Runner of San Antonio, TX. According to archive.org, it looked like …

    • Reference: TaoSecurity Press 1 juillet 2019
      I started appearing in media reports in 2000. I used to provide this information on my Web site, but since I don’t keep that page up-to-date anymore, I decided to publish it here. As of 2017, Mr. Bejtlich generally declines press inquiries on cybersecurity matters, including those on background.2016Mr. Bejtlich was cited in the Forture story Meet the US’s First Ever Cyber Chief, published 8 Septem …

    • Reference: TaoSecurity Research 1 juillet 2019
      I started publishing my thoughts and findings on digital security in 1999. I used to provide this information on my Web site, but since I don’t keep that page up-to-date anymore, I decided to publish it here.2015 and later: Please visit Academia.edu for Mr. Bejtlich’s most recent research.2014 and earlier: Seven Tips for Small Business Security, in the Huffington Post, 18 June 2014Strategy, Not Sp …

    • Reference: TaoSecurity News 1 juillet 2019
      I started speaking publicly about digital security in 2000. I used to provide this information on my Web site, but since I don’t keep that page up-to-date anymore, I decided to publish it here.2017 Mr. Bejtlich led a podcast titled Threat Hunting: Past, Present, and Future, in early July 2017. He interviewed four of the original six GE-CIRT incident handlers. The audio is posted on YouTube. Thank …

    • Know Your Limitations 29 mai 2019
      At the end of the 1973 Clint Eastwood movie Magnum Force, after Dirty Harry watches his corrupt police captain explode in a car, he says « a man’s got to know his limitations. »I thought of this quote today as the debate rages about compromising municipalities and other information technology-constrained yet personal information-rich organizations.Several years ago I wrote If You Can’t Protect It, D …

    • Dissecting Weird Packets 9 mai 2019
      I was investigating traffic in my home lab yesterday, and noticed that about 1% of the traffic was weird. Before I describe the weird, let me show you a normal frame for comparison’s sake.This is a normal frame with Ethernet II encapsulation. It begins with 6 bytes of the destination MAC address, 6 bytes of the source MAC address, and 2 bytes of an Ethertype, which in this case is 0x0800, indicati …

    • Troubleshooting NSM Virtualization Problems with Linux and VirtualBox 8 avril 2019
      I spent a chunk of the day troubleshooting a network security monitoring (NSM) problem. I thought I would share the problem and my investigation in the hopes that it might help others. The specifics are probably less important than the general approach.It began with ja3. You may know ja3 as a set of Zeek scripts developed by the Salesforce engineering team to profile client and server TLS paramete …

    • Thoughts on OSSEC Con 2019 28 mars 2019
      Last week I attended my first OSSEC conference. I first blogged about OSSEC in 2007, and wrote other posts about it in the following years.OSSEC is a host-based intrusion detection and log analysis system with correlation and active response features. It is cross-platform, such that I can run it on my Windows and Linux systems. The moving force behind the conference was a company local to me calle …

    • Thoughts on Cloud Security 13 mars 2019
      Recently I’ve been reading about cloud security and security with respect to DevOps. I’ll say more about the excellent book I’m reading, but I had a moment of déjà vu during one section.The book described how cloud security is a big change from enterprise security because it relies less on IP-address-centric controls and more on users and groups. The book talked about creating security groups, and …