Security





Schneier

IT Security
Error: There is an error with this feed.

TAO Security

    • Know Your Limitations 29 May 2019
      At the end of the 1973 Clint Eastwood movie Magnum Force, after Dirty Harry watches his corrupt police captain explode in a car, he says “a man’s got to know his limitations.” I thought of this quote today as the debate rages about compromising municipalities and other information technology-constrained yet personal information-rich organizations. Several years ago I wrote If You Can’t Protect It, D …

    • Dissecting Weird Packets 9 May 2019
      I was investigating traffic in my home lab yesterday, and noticed that about 1% of the traffic was weird. Before I describe the weird, let me show you a normal frame for comparison’s sake. This is a normal frame with Ethernet II encapsulation. It begins with 6 bytes of the destination MAC address, 6 bytes of the source MAC address, and 2 bytes of an Ethertype, which in this case is 0x0800, indicati …

    • Troubleshooting NSM Virtualization Problems with Linux and VirtualBox 8 April 2019
      I spent a chunk of the day troubleshooting a network security monitoring (NSM) problem. I thought I would share the problem and my investigation in the hopes that it might help others. The specifics are probably less important than the general approach. It began with ja3. You may know ja3 as a set of Zeek scripts developed by the Salesforce engineering team to profile client and server TLS paramete …

    • Thoughts on OSSEC Con 2019 28 March 2019
      Last week I attended my first OSSEC conference. I first blogged about OSSEC in 2007, and wrote other posts about it in the following years. OSSEC is a host-based intrusion detection and log analysis system with correlation and active response features. It is cross-platform, such that I can run it on my Windows and Linux systems. The moving force behind the conference was a company local to me calle …

    • Thoughts on Cloud Security 13 March 2019
      Recently I’ve been reading about cloud security and security with respect to DevOps. I’ll say more about the excellent book I’m reading, but I had a moment of déjà vu during one section. The book described how cloud security is a big change from enterprise security because it relies less on IP-address-centric controls and more on users and groups. The book talked about creating security groups, and …

    • Forcing the Adversary to Pursue Insider Theft 9 February 2019
      Jack Crook pointed me toward a story by Christopher Burgess about intellectual property theft by “Hongjin Tan, a 35 year old Chinese national and U.S. legal permanent resident… [who] was arrested on December 20 and charged with theft of trade secrets. Tan is alleged to have stolen the trade secrets from his employer, a U.S. petroleum company,” according to the criminal complaint f …

    • Fixing Virtualbox RDP Server with DetectionLab 29 January 2019
      Yesterday I posted about DetectionLab, but noted that I was having trouble with the RDP servers offered by Virtualbox. If you remember, DetectionLab builds four virtual machines: root@LAPTOP-HT4TGVCP C:\Users\root>"c:\Program Files\Oracle\VirtualBox\VBoxManage" list runningvms "logger" {3da9fffb-4b02-4e57-a592-dd2322f14245} "dc.windomain.local" {ef32d493-845c-45dc-aff7-3a86d9c590cd} "wef.windomain. …

    • Trying DetectionLab 28 January 2019
      Many security professionals run personal labs. Trying to create an environment that includes fairly modern Windows systems can be a challenge. In the age of “infrastructure as code,” there should be a simpler way to deploy systems in a repeatable, virtualized way — right? Enter DetectionLab, a project by Chris Long. Briefly, Chris built a project that uses Packer and Vagrant to create an instrumen …

    • Happy 16th Birthday TaoSecurity Blog 8 January 2019
      Today, 8 January 2019, is TaoSecurity Blog’s 16th birthday! This is also my 3,041st blog post. I wrote my first post on 8 January 2003 while working as an incident response consultant for Foundstone. Here are a few statistics on the blog. Blogger started providing statistics in May 2010, so these apply to roughly the past 9 years only. As of today, since May 2010 the blog has nearly 9.4 million all t …

    • Notes on Self-Publishing a Book 31 December 2018
      In this post I would like to share a few thoughts on self-publishing a book, in case anyone is considering that option. As I mentioned in my post on burnout, one of my goals was to publish a book on a subject other than cyber security. A friend from my Krav Maga school, Anna Wonsley, learned that I had published several books, and asked if we might collaborate on a book about stretching. …