Publications, études, rapports 2015 S10

Une recherche, un ping, vous ont conduit ici ? Il s’agit d’un index d’actualités thématiques que j’ai trouvé intéressantes. Je vous invite à consulter le post d’introduction de cette ‘brève’ -veille perso- pour voir de quoi il s’agit. 

 

=> Defending mobile devices for high level officials and decision-makers . 01/03/2015. «The NATO Cooperative Cyber Defence Centre of Excellence is proud to publish new analysis on security risks use of smartphones by decision-makers poses. The study outlines the risks and ways of mitigating them (…).» En date du 25/02.
Source : ccdcoe.org/new-study-defending-mobile-devices-high-level-officials-and-decision-makers.html
Billets en relation :
25/02/2015. Defending mobile devices for high level officials and decision-makers : ccdcoe.org/multimedia/defending-mobile-devices-high-level-officials-and-decision-makers.html
02/03/2015. Source : twitter.com/suffert/status/572212210019274752

=> Public-Private Partnernship: The Missing Factor in the Resilience Equation – The French Experience on CIIP. 02/03/2015. «La George Mason University a publié dans sa lettre mensuelle une version courte de l’intervention de Danilo d’Elia à la CRITIS Conference 2014 (…).»
Source : www.cyberstrategie.org/?q=fr/danilo-elia-public-private-partnernship-the-missing-factor-in-the-resilience-equation-the-french
Billets en relation :
02/03/2015. DANILO D’ELIA – Public-Private Partnernship: The Missing Factor in the Resilience Equation – The French Experience on CIIP : www.cyberstrategie.org/sites/default/files/media/danilo_delia_extrakt_-_public-private_partnernship_the_missing_factor_in_the_resilience_equation_the_french_experience_on_ciip_.pdf

=> Windows NT pagefile.sys Virtual Memory Analysis. 02/03/2015. «We therefore present a detailed analysis of Windows NT paging. We use dynamic gray-box analysis, in which we place known data into virtual memory and examine where it is mapped to, in either the physical memory or the pagefile, and cross-reference these findings with the Windows NT Research Kernel source code. We demonstrate how to decode the non-present page table entries, and accurately reconstruct the complete virtual memory space, including non-present memory pages on Windows NT systems using 32-bit, PAE or IA32e paging. Our analysis approach can be used to analyze other operating systems as well (…).»
Source : www1.cs.fau.de/filepool/gruhn/pagefile.pdf
Billets en relation :
02/03/2015. FAU DI Publications : www1.cs.fau.de/publications/show
02/03/2015. Source : twitter.com/binitamshah/status/572313731348054018

=> The Past and Future of FPGA Soft Processors. 02/03/2015. «I decided to speak on the past and future of FPGA soft processors. This is my twentieth anniversary of working (on and off) in this field so this seemed an apt time and opportunity to share my perspective on where FPGA soft processors came from and what their continuing utility and prospects might be in the decade ahead — the autumn of Moore’s Law, the winter of Dennard Scaling (…).» En date du 31/114.
Source : fpgacpu.wordpress.com/2014/12/31/the-past-and-future-of-fpga-soft-processors/
Billets en relation :
02/03/2015. Source : twitter.com/stmanfr/status/572358147974811648

=> Workshop on Ethics and Policies for Cyber Warfare. Report. 02/03/2015. «The report on “Workshop on Ethics and Policies for Cyber Warfare” held in close cooperation with University of Oxford and chaired by Lieutenant Ludovica Glorioso and Dr Maria Rosaria Taddeo , will present the discussion among the ethicists, policy makers, international lawyers and military experts on the existing regulatory gap concerning cyber warfare and ethical problems underpinning it. It was remarked the need to increase the dialogue between the stakeholders involved in cyberspace and to have an interdisciplinary approach (…).»
Source : ccdcoe.org/workshop-ethics-and-policies-cyber-warfare-report.html

=> Tordre le cou au mythe de l’invincibilite de l’etat islamique . 02/03/2015. «(Critique commentée du documentaire « Daech, naissance d’un état terroriste »). Parmi l’ensemble des documentaires ou reportages que j’ai choisi de regarder sur Arte depuis qu’existe la chaîne, j’ai très rarement été déçu. Malheureusement, pour la première fois, un documentaire m’a laissé dubitatif : « Daech, naissance d’un état terroriste ». La réalisation a beau être globalement encensée, même en admettant le format très limité d’à peine une heure, je ne vois qu’un travail bâclé (…).»
Source : conops-mil.blogspot.fr/2015/03/tordre-le-cou-au-mythe-de.html
Billets en relation :
19/02/2015. EU Counter-terrorism strategy : epthinktank.eu/2015/02/19/eu-counter-terrorism-strategy/
25/02/2015. Daesh/ISIL (the ‘Islamic State’): background information : epthinktank.eu/2015/02/25/the-islamic-state-background-information/
02/03/2015. Tordre le cou au mythe de l’invincibilite de l’etat islamique (pdf) : drive.google.com/file/d/0B5BPniK3l7kHdUhrTDQ2UEE0cWs/view?pli=1

=> Le numérique déroutant. 02/03/2015. «Le numérique peut être vu comme une rupture profonde, touchant la nature même du modèle économique de toutes les entreprises, et notamment celui des PME des secteurs dits « traditionnels ». Bpifrance Le Lab, en collaboration avec Olivier Sichel, PDG du groupe LeGuide, publie « Le numérique déroutant », une étude sur le numérique comme facteur de recomposition des chaînes de valeur dans des secteurs à très forte densité de PME : le tourisme, le transport, la plasturgie et le bâtiment. Disrupter ou être disrupté, voilà en substance le choix auquel sont confrontées ces professions face à la révolution numérique (…).»
Source : www.bpifrance-lelab.fr/Ressources/Ressources-Bpifrance-Le-Lab/Le-numerique-deroutant
Billets en relation :
04/03/2015. BPI s’interroge sur les menaces et potentiels du Numérique pour les entreprises … : www.forumatena.org/node/649
06/03/2015. La BPI veut rendre les PME moins naïves face au numérique : pro.01net.com/editorial/648361/la-bpi-veut-rendre-les-pme-moins-naives-face-au-numerique/

=> Massive changes in the criminal landscape. 02/03/2015. «« Organised crime is dynamic and adaptable and law enforcement authorities across the EU are challenged to keep pace with the changing nature of this substantial and significant threat. This report – the first of its kind for Europol – will enable us to look ahead and better allocate resources, plan operational activities and engage with policy- and law-makers to prevent certain types of crimes from emerging » says Rob Wainwright, Director of Europol. The report is the outcome of Europol experts’ engagement with other experts from the private and public sectors, academia and partners in the European law enforcement community (…).»
Source : www.europol.europa.eu/content/massive-changes-criminal-landscape

=> FAA Needs to Address Weaknesses in Air Traffic Control Systems. 02/03/2015. «In support of its mission, FAA relies on the NAS—one of the nation’s critical infrastructures—which is comprised of air traffic control systems, procedures, facilities, aircraft, and people who operate and maintain them. Given the critical role of the NAS and the increasing connectivity of FAA’s systems, it is essential that the agency implement effective information security controls to protect its air traffic control systems from internal and external threats (…).»
Source : www.gao.gov/products/GAO-15-221
Billets en relation :
02/03/2015. FAA Needs to Address Weaknesses in Air Traffic Control Systems : www.gao.gov/assets/670/668169.pdf
03/03/2015. Government Report Critical of FAA Security Controls : threatpost.com/government-report-critical-of-faa-security-controls/111383
06/03/2015. Air traffic control vulnerability could allow criminals to hack the skies : www.welivesecurity.com/2015/03/06/air-traffic-control-vulnerability-allow-criminals-hack-skies/

=> Paper: Script in a lossy stream. 02/03/2015. «Today, we publish a paper by CSIS researcher Dénes Óvári, who found a way to store code as a JPEG image using the DCTDecode filter. His trick, which he explains in the paper, was to encode the data as a greyscale JPEG image, so that no rounding occurs when the images is converted from the RGB to the YCbCr colour space (…).»
Source : www.virusbtn.com/blog/2015/03_02a.xml?rss
Billets en relation :
02/03/2015. Script in a lossy stream : www.virusbtn.com/pdf/magazine/2015/vb201503-lossy.pdf

=> Evaluation des cybermenaces par le renseignement américain . 02/03/2015. «Le 26 février 2015, la communauté du renseignement américain (US Intelligence Community) a proposé son évaluation de la menace, par le biais d’un rapport signé James R. Clapper (Director of National Intelligence): « Worldwidethreat Assessment of the US Intelligence Community » (…).»
Source : econflicts.blogspot.fr/2015/03/evaluation-des-cybermenaces-par-le.html
Billets en relation :
26/02/2015. Worldwidethreat Assessment of the US Intelligence Community : cdn.arstechnica.net/wp-content/uploads/2015/02/Clapper_02-26-15.pdf
05/03/2015. USA – Stratégie et lois pour le renseignement : econflicts.blogspot.fr/2015/03/usa-strategie-et-lois-pour-le.html

=> (IN)Secure ISSUE 45 (March 2015). 02/03/2015. «The Security of Things. How do we ensure the Security of Things in light of the Internet of Threats? Security and compliance: A balancing act of inequalities ; Which kind of security professional are you? The derived credential: delivering digital security to a mobile world ; Declaring personal data bankruptcy and the cost of privacy ; Total threat protection: Myth and reality ; DevOps vs security: Can Docker make a difference?
Best practices for securing PoS systems ; Challenges faced by global network professionals ; Who are the role models in cyberspace? Tackling today’s authentication complexities (…).
»
Source : www.net-security.org/insecuremag.php

=> Leaked documents: European data protection reform is badly broken. 03/03/2015. «New leaked documents show that European countries, pushed by Germany, are systematically working to destroy the fabric of European privacy legislation. Under the current proposals, far from being provided with security fit for the digital age, Europe’s citizens right to data protection would be devoid of meaning (…).»
Source : edri.org/broken_badly/
Billets en relation :
03/03/2015. Analysis produced by EDRi, Access, Panoptykon Foundation, and Privacy International of the leaked Council texts in one pagers highlighting the most problematic issues : edri.org/files/DP_BrokenBadly.pdf
05/03/2015. UE : des groupes de défenses de la vie privée exposent leur pessimisme : www.developpez.com/actu/82147/UE-des-groupes-de-defenses-de-la-vie-privee-exposent-leur-pessimisme-sur-les-modifications-apportees-a-la-protection-des-donnees-personnelles/

=> Financial Trojans in 2014: Takedowns contributed to 53 percent drop in infections, but threat is still prevalent. 03/03/2015. «While the number of financial Trojan detections decreased in 2014, the threat was still considerable, as attackers moved to bypass newer security measures (…).»
Source : www.symantec.com/connect/blogs/financial-trojans-2014-takedowns-contributed-53-percent-drop-infections-threat-still-prevalent
Billets en relation :
03/03/2015. The state of financial Trojans 2014 : www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-state-of-financial-trojans-2014.pdf

=> Release of Documents Concerning Activities under the Foreign Intelligence Surveillance Act. 03/03/2015. «Yesterday, the Intelligence Community released several Foreign Intelligence Surveillance Court documents related to surveillance activities undertaken pursuant to the Foreign Intelligence Surveillance Act (…).»
Source : icontherecord.tumblr.com/post/112610953998/release-of-documents-concerning-activities-under#_=_

=> The Acumen Report: Constant Content. 03/03/2015. «The Acumen Report: Constant Content looks at time spent watching different types of media with specific insights into why TV time is not even close to digital. It explores the role of social media in content discovery and how “thumbstoppers” are crucial to getting youths’ attention, with a deep-dive into the thematic elements that appeal to youth. The phenomenon of YouTube celebrities and their role influencing youths’ content choices also is explored (…).»
Source : acumen.defymedia.com/acumen-report-constant-content-2/?r=archive-date20153
Billets en relation :
03/03/2015. Third Annual Acumen Report : www.defymedia.com/2015/03/03/millennials-ages-13-24-declare-just-cord-tv-content-doesnt-cut/
03/03/2015. The Acumen Report: Constant Content : sandbox.break.com/acumen/Acumen%20Constant%20Content__ExecSum%20Booklet_Final2.pdf
05/03/2015. YouTube : nouveau tiers de confiance de la génération Y : meta-media.fr/2015/03/05/youtube-plus-divertissant-que-la-tv-pour-la-generation-y.html

=> Free Sony hack case study . 03/03/2015. « We have just published our security awareness case study on the Sony hack under a Creative Commons license (…) The information sources are fully cited and referenced in the materials – all public domain stuff and no special inside-track from Sony I’m afraid*, hence there are probably errors and certainly omissions … and yet nevertheless this was a remarkably instructive incident touching on an usually wide range of information security topics (…).»
Source : blog.noticebored.com/2015/03/free-sony-hack-case-study.html

=> Predicting Recidivism Risk: New Tool in Philadelphia Shows Great Promise . 03/03/2015. «US DoJ report on predictive analysis, found that monitoring criminals lowers crime (…).»
Source : ncjrs.gov/pdffiles1/nij/240695.pdf
Billets en relation :
03/03/2015. Source : twitter.com/kerouanton/status/572767702433067008

=> Threats to Children Online: The Danger is Real. 04/03/2015. «The research is based on data processed by our Kaspersky Security Network. We analyzed data from more than a million Kaspersky Lab customers. Each of them had encountered dangerous content at least once in the last year (…).»
Source : securelist.com/analysis/publications/69029/threats-to-children-online-the-danger-is-real/
Billets en relation :
04/03/2015. Menaces contre les enfants en ligne : le danger est bel et bien réel : www.viruslist.com/fr/analysis?pubid=200676382
04/03/2015. Kaspersky Lab Study: Children online : securelist.com/files/2015/03/Kaspersky_Lab_KSN_report_Children_Online_eng.pdf

=> Understanding U.S. NSS 2015 Using the International Strategy for Cyberspace. 04/03/2015. «Last week, we used the United States’ 2015 National Security Strategy (NSS) as a reference point to analyze “A Strong Britain in an Age of Uncertainty: The National Security Strategy,” the United Kingdom’s 2010 National Security Strategy. Though limited in scope, this comparative analysis revealed a number of important findings, including the UK’s recognition of benefits and challenges of cyberspace, as opposed to the more security-centric, militarized language used by the United States (…).» Retour sur une actu déjà évoquée, avec un nouveau billet.
Source : www.tripwire.com/state-of-security/government/understanding-u-s-nss-2015-using-the-international-strategy-for-cyberspace/
Billets en relation :
17/02/2015. A “Cyber” Study of the U.S. National Security Strategy Reports : www.tripwire.com/state-of-security/government/a-cyber-study-of-the-u-s-national-security-strategy-reports/
24/02/2015. A Comparative “Cyber” Study of National Security Strategies – UK and the U.S. : www.tripwire.com/state-of-security/government/a-comparative-cyber-study-of-national-security-strategies-uk-and-the-u-s/

=> Conspirationnisme : un état des lieux. 04/03/2015. «Pour l’Observatoire des radicalités politiques de la Fondation, le politologue Rudy Reichstadt analyse les ressorts et l’actualité d’un complotisme stimulé par les possibilités inédites que lui a offert Internet (…).»
Source : www.jean-jaures.org/Publications/Notes/Conspirationnisme-un-etat-des-lieux
Billets en relation :
23/02/2015. Science vs Conspiracy: Collective Narratives in the Age of Misinformation : journals.plos.org/plosone/article?id=10.1371/journal.pone.0118093
02/03/2015. Quelle propagation de l’information pour la théorie du complot ? : www.reputatiolab.com/2015/03/quelle-propagation-de-linformation-pour-la-theorie-du-complot/
02/03/2015. Théories du complot: plus on y croit, moins on voit clair : www.sciencepresse.qc.ca/actualite/2015/03/02/theories-complot-plus-croit-moins-voit-clair
04/03/2015. Le conspirationnisme, un extrémisme politique influent : www.lexpress.fr/actualite/politique/document-le-conspirationnisme-un-extremisme-politique-influent_1657135.html
04/03/2015. Conspirationnisme : un état des lieux : www.jean-jaures.org/content/download/20661/212123/version/3/file/note-radic-pop-N%C2%B011.pdf

=> EFF to UN: You Need a Privacy Watchdog. 04/03/2015. «EFF joined more than sixty civil liberties organizations and public interest groups from across the world yesterday in calling upon the world’s governments to support the creation of a United Nations Special Rapporteur on the right to privacy (…).»
Source : www.eff.org/deeplinks/2015/03/eff-un-you-need-privacy-watchdog
Billets en relation :
02/03/2015. NGOs call on governments to support the establishment of a UN Special Rapporteur on the right to privacy : www.eff.org/files/2015/03/03/in_support_a_sr_on_privacy_updated_version.pdf
05/03/2015. L’EFF appelle l’ONU à la nomination d’un rapporteur spécial sur le droit à la vie privée : www.developpez.com/actu/82161/L-EFF-appelle-l-ONU-a-la-nomination-d-un-rapporteur-special-sur-le-droit-a-la-vie-privee-pour-s-attaquer-a-la-surveillance-de-masse/

=> An MLD Testing Methodology. 06/03/2015. «Based on recent research in the ERNW IPv6 lab and with our MLD talk looming we’ve put together a (as we think) comprehensive document discussing how to thoroughly test MLD implementations in various components (network devices or servers/clients). We hope it can contribute to a better understanding of the protocol and that it can serve as either a checklist for your own environment or as a source of inspiration for researchers looking at MLD themselves (…).»
Source : www.insinuator.net/2015/03/an-mld-testing-methodology/
Billets en relation :
06/03/2015. An MLD Testing Methodology : www.ernw.de/download/newsletter/ERNW_Newsletter_48_MLD_Testing_v11_signed.pdf

=> U.S. Government Lists Top Torrent Sites as Piracy Havens. 06/03/2015. «A new report published by the United States Trade Representative has listed the world’s largest BitTorrent sites and cyberlockers as some of the most problematic copyright infringers in the world. Popcorn Time and its derivatives are mentioned too, with the former’s creation blamed on YIFY/YTS. Domain name registrars are also placed under the spotlight (…).»
Source : torrentfreak.com/u-s-government-lists-top-torrent-sites-as-piracy-havens-150306/
Billets en relation :
05/03/2015. 2014 Out of Cycle Review of Notorious Markets : ustr.gov/sites/default/files/2014%20Notorious%20Markets%20List%20-%20Published_0.pdf
06/03/2015. Les États-Unis dressent leur « liste noire » des sites pirates : www.nextinpact.com/news/93361-les-etats-unis-dressent-leur-liste-noire-sites-pirates.htm
06/03/2015. La liste des pires sites pirates dévoilée par les USA : www.numerama.com/magazine/32406-la-liste-des-pires-sites-pirates-devoilee-par-les-usa.html

=> Tendances PARL, le bilan des procédures de litiges de l’Afnic – T1 2015. 06/03/2015. «L’Afnic publie désormais un bilan trimestriel de ses procédures alternatives de résolution de litiges. Découverte de l’étude de ce premier trimestre 2015 (…).»
Source : www.afnic.fr/fr/l-afnic-en-bref/actualites/actualites-generales/8818/show/tendances-parl-le-bilan-des-procedures-de-litiges-de-l-afnic-t1-2015.html
Billets en relation :
06/03/2015. Tendances PARL – 1er trimestre 2015 : www.afnic.fr/medias/documents/RESOUDRE_UN_LITIGE/brochuresjuridiques/Tendances_PARL_2015_1er_trimestre_vFR-2.pdf

=> Digital Intelligence Nantes – Actes. 06/03/2015. «Les actes de la conférence internationale Digital Intelligence 2014 Nantes sont accessibles sur le site de l’Université de Nantes. Les articles complets peuvent être téléchargés sur la page de la conférence articles and keynote sessions (…).»
Source : cyberland.centerblog.net/201-Digital-Intelligence-Nantes-%E2%80%93-Actes
Billets en relation :
06/03/2015. Digital Intelligence 2014 : articles and keynote sessions : www.univ-nantes.fr/02076525/1/fiche___pagelibre/&RH=INSTITUTIONNEL_EN
06/03/2015. Cyberconflictualité, hacking d’influence et prévisibilité des attaques : www.univ-nantes.fr/servlet/com.univ.collaboratif.utils.LectureFichiergw?CODE_FICHIER=1415427280677&ID_FICHE=717841

=> Dissecting a Social Botnet: Growth, Content and Influence in Twitter. 06/03/2015. «Social botnets have become an important phenomenon on social media. There are many ways in which social bots can disrupt or influence online discourse, such as, spam hashtags, scam twitter users, and astroturfing. In this paper we considered one specific social botnet in Twitter to understand how it grows over time, how the content of tweets by the social botnet differ from regular users in the same dataset, and lastly, how the social botnet may have influenced the relevant discussions. Our analysis is based on a qualitative coding for approximately 3000 tweets in Arabic and English from the Syrian social bot that was active for 35 weeks on Twitter before it was shutdown (…).»
Source : dl.acm.org/citation.cfm?id=2675208

=> Analysis of a Cybercrime Infrastructure . 06/03/2015. «Security researchers have finally published an analysis that exposes the inner workings of Cybrecrime operations targeting online banking credentials for banks in the US and Europe (…).»
Source : www.cio.co.uk/whitepapers/security/analysis-of-a-cybercrime-infrastructure/
Billets en relation :
06/03/2015. Analysis of a Cybercrime Infrastructure : www.cio.co.uk/cmsdata/whitepapers/3600806/Proofpoint_Phase_2_asset.pdf

 

Publié par

Gof

Canard boiteux numérique ; juste intéressé, juste passionné.