Security-X

Forum Security-X => News => Résumés des actualités de la semaine => Discussion démarrée par: hyunkel30 le novembre 16, 2012, 11:32:17

Titre: News du 08/11 au 14/11
Posté par: hyunkel30 le novembre 16, 2012, 11:32:17
Voici un post récapitulant l'actualité qui nous a parue importante durant cette semaine ... ;)


Sécurité Informatique


Malwarebyte's sort un anti-rootkit en version bêta : :
Malwarebytes Anti-Rootkit – MBAR (Beta) (http://www.malekal.com/2012/11/11/malwarebytes-anti-rootkit-mbar-beta)

Les sites d’hameçonnage Twitter : :
A Quick Look at the Twitter Phish Rotating through Domains (http://www.securelist.com/en/blog/208193929/A_Quick_Look_at_the_Twitter_Phish_Rotating_through_Domains)

Les rogues et autres scam sur Windows 8 :
Windows 8: there’s more to security than the Operating System (http://blog.eset.com/2012/11/05/windows-8-theres-more-to-security-than-the-operating-system)

Les risques de sécurité dans les entreprises, le facteur humain et le facteur matériel :
HR departments at risk of malware infection after unemployment benefits email spammed out (http://nakedsecurity.sophos.com/2012/11/09/hr-malware-unemployment)
Ignore Supply Chain Security and Risk Management at Your Peril (http://threatpost.com/en_us/blogs/ignore-supply-chain-security-and-risk-management-your-peril-110912)

Les scams et phishings se mettent à jour :
Lottery fraudsters freshen up their repertoire (http://www.securelist.com/en/blog/773/Lottery_fraudsters_freshen_up_their_repertoire)
Les mordus de Twilight victimes d’une escroquerie (http://www.malwarecity.fr/blog/les-mordus-de-twilight-victimes-dune-escroquerie-1262.html)

La faille Java fait encore parler d'elle :
New Java Attack Introduced into Cool Exploit Kit (http://threatpost.com/en_us/blogs/new-java-attack-introduced-cool-exploit-kit-111212)

Un Hacker patron d'une firme de sécurité :
Infamous Hacker Heading Chinese Antivirus Firm? (https://krebsonsecurity.com/2012/11/infamous-hacker-heading-chinese-antivirus-firm/)

Lançant des attaques DDoS pour promouvoir son entreprise, il fini en prison :
DDoS marketing stunt backfires, entrepreneur jailed for nine months (http://nakedsecurity.sophos.com/2012/11/12/ddos-marketing-stunt)

Interview d'Eugène Kaspersky sur les risques lié aux médias sociaux et vidéo de démonstration pour Facebook :
Social Media Q&A With Eugene Kaspersky (http://threatpost.com/en_us/blogs/social-media-qa-eugene-kaspersky-111312)
How-To Video: Facebook Privacy (http://threatpost.com/en_us/blogs/how-video-facebook-privacy-111312)

Plusieurs papiers sur divers bot, rogue, ransomware et autres malwares du moment :
Ransomware: A Growing Menace (http://www.symantec.com/connect/blogs/ransomware-growing-menace)
HTTPS, SSL No Match for PASSTEAL Malware (http://blog.trendmicro.com/trendlabs-security-intelligence/https-ssl-no-match-for-passteal-malware)
DaRK DDoSseR Leads to Gh0st RAT (http://blog.trendmicro.com/trendlabs-security-intelligence/dark-ddosser-leads-to-gh0st-rat)
Ransomware Scams Netting Criminals Up To $33,000 a Day (http://threatpost.com/en_us/blogs/ransomware-scams-netting-criminals-33000-day-110812)
All copy and paste makes Jack a bored boy (http://blogs.technet.com/b/mmpc/archive/2012/10/31/all-copy-and-paste-makes-jack-a-bored-boy.aspx)
Lollipop Adware et Vittalia Installer (http://www.malekal.com/2012/11/07/lollipop-adware-et-vittalia-installer/)
Probing the Gozi-Prinimalka Campaign (http://blog.trendmicro.com/trendlabs-security-intelligence/probing-the-gozi-prinimalka-malware/)
Wauchos Warhorse rides again (http://blog.eset.com/2012/11/08/wauchos-warhorse-gallops-again)
Don't fall for Folstart (http://blogs.technet.com/b/mmpc/archive/2012/11/13/don-t-fall-for-folstart.aspx)
Backdoor.Nucleroot/Win32.Umbald.A (Umbra Loader) (http://www.xylibox.com/2012/11/backdoornuclerootwin32umbalda-umbra.html)


Mises à jour logiciels et Alertes sécurité

Faille critique de Skype :
Security hole allows anyone to hijack your Skype account using only your email address (http://thenextweb.com/microsoft/2012/11/14/security-hole-allows-anyone-to-hijack-your-skype-account-using-only-your-email-address)
Skype plugs security hole letting anyone hijack accounts, says ‘small number’ of users affected (http://thenextweb.com/microsoft/2012/11/14/skype-plugs-security-hole-letting-anyone-hijack-accounts-says-small-number-of-users-affected/)
Twitter Resets More Passwords Than Accounts Hacked (http://threatpost.com/en_us/blogs/twitter-resets-more-passwords-accounts-hacked-110812)
Tipsy Twitter apologises for password reset frenzy, but a real hack sparked it (http://nakedsecurity.sophos.com/2012/11/09/twitter-reset-password)


Patch Tuesday :
Microsoft Patches 19 Security Holes (https://krebsonsecurity.com/2012/11/microsoft-patches-19-security-holes/)
Microsoft Updates November 2012 - IE, Kernel+Shell, and .NET Critical Patches (http://www.securelist.com/en/blog/208193932/Microsoft_Updates_November_2012_IE_Kernel_Shell_and_NET_Critical_Patches)
November 2012 Microsoft Bulletin Release Includes Fix for Internet Explorer Vulnerabilities (http://blog.trendmicro.com/trendlabs-security-intelligence/november-2012-microsoft-bulletin-release-includes-fix-for-internet-explorer-vulnerabilities/)


Information sur le forum


Statut des admissions pour la formation: Ré-ouverte en statut restreintes

Toutes les infos sur la formation et les inscriptions :
http://forum.security-x.fr/inscription-et-informations/information-sur-la-formation/