Sécurité Applicative
Scooped by Sebastien Gioria
onto Sécurité Applicative

Identifying Xml eXternal Entity vulnerability (XXE)

Sebastien Gioria's insight:

It cannot be repeated too often: data validation and, in the case of XML, schema validation will never be too much when it comes to preventing injections...

Traditional development ill-suited to mobile apps

Mobile application development must follow a different approach from desktop application development, according to the latest report from research firm Gartner.
Sebastien Gioria's insight:

and the integration of security into the development project must happen right from the specifications!

The Ultimate List of Open Source Static Code Analysis Security Tools - Checkmarx.com

To help those searching for an open source static code analysis tool, we’ve compiled a list of the best tools for different languages.

Automotive hacking now a reality

Recently, one or more criminals committed a string of hacking-based break-ins that targeted vehicles in the Montreal area.

NSA: the list of broken and resilient protocols revealed by Snowden

“NSA: the list of broken and resilient protocols revealed by Snowden - http://t.co/T2y940UM4G”

Researcher identifies XSS vulnerability affecting Citibank website

“A researcher identified a cross-site scripting vulnerability affecting the Citibank website, which has yet to be patched.”

A vulnerability in the Mac EFI will be detailed after Christmas

“A complex security flaw has been discovered on Apple laptops by a researcher who will demonstrate it next week in Germany, at the Chaos Communication Congress.”

Botconf 2014 - No Limit Secu

“Episode dedicated to Botconf 2014. The mp3 of the episode is available below.”

Top 20 OpenSSH Server Best Security Practices - nixCraft

“OpenSSH server best security practices - protect your server from brute force attack under UNIX / Linux / BSD / Mac OS X operating systems.”

Gang Hacked ATMs from Inside Banks — Krebs on Security

“Crime gang hacked ATMs from inside banks http://t.co/UanXdgtorS < Russian gang also appears tied to Staples, Sheplers, Michaels breaches”

New computer analysis finds mutations associated with autism, cancer

“While sequencing an entire genome is eminently doable, sequencing an exome is easier.”

WatchGuard 2015 security predictions: 5 negligible trends and 5 to consider

UnderNews | Réseau & Sécurité

Critical Git bug allows malicious code execution on client machines

Developers who use the official Git client and related software are being urged to install a security update that kills a bug that could allow attackers to hijack end-user computers.

Rescooped by Sebastien Gioria from #Security #InfoSec #CyberSecurity #Sécurité #CyberSécurité #CyberDefence & #DevOps #DevSecOps

#Security: #Azure #AD One-Click #SSO configuration for #Google Apps

Active Directory team blog. News and announcements about Active Directory, Azure Active Directory, Azure MFA and Forefront Identity Manager

Via Frederic GOUTH

Issue 118 - google-security-research - Windows: Elevation of Privilege in ahcache.sys/NtApphelpCacheControl - Google Security Research - Google Project Hosting

Top story: Issue 118 - google-security-research - Windows: Elevation of Privi… https://t.co/wauNlsCXOJ, see more http://t.co/wJO7QSDIGp

Cyber-attacks on South Korean nuclear power operator continue

“Firm says nuclear power plants are operating safely and are secure from attack, and it has stepped up its cybersecurity”

Designing a Highly Available, Fault Tolerant, Hadoop Cluster with Data Isolation

“As data grows exponentially, the modern Hadoop ecosystem provides not only a reliable distributed aggregation system that delivers data parallelism, but also analytics for great data insights.”

Cyber-war is declared

“‘Cybercrime is a global scourge.’ The assessment made by Jean-Louis Bruguière, honorary First Vice-President of the Tribunal de Grande Instance de Paris, is unequivocal.”

TweetSniff.py – a Python Tweets Grabber

“For me, Twitter is not only a social network, it’s also a tool that I use daily to track and exchange news about information security with a large worldwide community of infosec professionals. For a while, Twitter is my main source of information.”

A cyberattack damaged a German steel plant

“A German report published on Thursday revealed an unprecedented cyberattack against a steel plant. The hack caused significant physical damage to a blast furnace.”

How a Hacking Gang Has Stolen $17 Million Since 2013

“A Russian hacking gang called Anunak which has successfully stolen over one billion rubles ($17 million) from the banking industry and Western retailers.”

A New Vulnerability "Fakedebuggerd" Must Be Taken Seriously

“Information about "Fakedebuggerd" a new vulnerability used to gain root access to install files on the Android device file system, was published by 360.”

Three questions for mobile developers

When assessing mobile applications, Fortify on Demand often finds exposed sensitive data. We find mobile apps that write sensitive data to the file system without protection.

Misfortune Cookie crumbles router security: ’12 MILLION+’ in hijack risk

John Leyden reports: Infosec biz Check Point says it has discovered a critical software vulnerability that allows hackers to hijack home and small business broadband routers across the web.

News > According to HP, 70% of connected objects contain ...

While the surge of connected objects is only just beginning, Hewlett-Packard set out to assess the security level of the most widespread devices such as televisions, household appliances or accessories ...