Ross Anderson
Vie privée, traces, anonymat
- https://www.franceculture.fr/numerique/palantir-livre-t-nos-secrets-a-nos-allies-americains
- https://www.frandroid.com/android/applications/securite-applications/522054_affaire-benalla-comment-traquer-un-profil-tinder
- https://www.numerama.com/politique/282934-enquete-comment-les-apps-figaro-lequipe-ou-closer-participent-au-pistage-de-10-millions-de-francais.html
- https://media.defense.gov/2018/Aug/06/2001951064/-1/-1/1/GEOLOCATION-DEVICES-%20APPLICATIONS-SERVICES.PDF
- https://www.defense.gov/News/Article/Article/1594486/new-dod-policy-prohibits-gps-enabled-devices-in-deployed-settings/
- Biométrie faciale, IA
Défense multi-niveaux (en profondeur)
- How to Protect Your PC with Multiple Layers of Security
- Layers of Defense for the Small Office and Home Network (SANS Institute)
Enfants
- Online Security for Kids (Sans Institute)
Forensic, OSINT
- An Introduction to Hiding and Finding Data on Linux (giac.org)
- https://bellingcat.gitbook.io/toolkit
Jeux
A classer
- https://www.lesnumeriques.com/informatique/cybersecurite-guerre-malwares-a4015.html
- https://www.zdnet.fr/blogs/green-si/l-informatique-peut-elle-etre-durable-39911073.htm
- https://betanews.com/2018/06/16/safespec-meltdown-spectre-fix/
- https://betanews.com/2018/06/14/floating-point-lazy-state-save-restore-vulnerability/
- https://arxiv.org/pdf/1806.05179.pdf
- https://arstechnica.com/information-technology/2018/06/decades-old-pgp-bug-allowed-hackers-to-spoof-just-about-anyones-signature/
- https://xenbits.xen.org/xsa/advisory-267.html
- https://www.theregister.co.uk/2018/06/15/xen_project_patches_intels_lazy_fpu_flaw/
- Menace « web shell », par Microsoft : https://www.microsoft.com/security/blog/2021/02/11/web-shell-attacks-continue-to-rise/
- https://arstechnica.com/information-technology/2021/01/phishing-scam-had-all-the-bells-and-whistles-except-for-one/
- Anatomie des EDR pt.1 | VirtualSamurai – Dojo (virtualsamuraii.github.io)
Prospective
Règles simples
- http://www.ssi.gouv.fr/uploads/2015/03/guide_cgpme_bonnes_pratiques.pdf
- http://www.zdnet.fr/actualites/les-12-regles-essentielles-de-securite-pour-les-pme-39826498.htm
- https://www.theguardian.com/intel-better-it-decisions/2016/sep/30/how-safe-are-you-from-hackers
Attaques
- http://www.silicon.fr/attaque-flip-feng-shui-vm-cloud-poreuses-156463.html
- https://www.ptsecurity.com/upload/corporate/ww-en/analytics/Banks-attacks-2018-eng.pdf
Statistiques
Juridique
- http://www.cyberdroit.fr/2018/04/hameconnage-caracterisation-de-la-negligence-grave-de-la-victime/
- http://www.feral-avocats.com/fr/publication/qui-est-responsable-de-la-voiture-autonome/
Cryptographie
- https://www.infosecurity-magazine.com/magazine-features/the-dark-side-of-cryptography-kleptography-in/
- Quantique : https://www.zdnet.fr/pratique/tout-comprendre-a-l-informatique-quantique-39891035.htm
Bancaire
WordPress (scanners)
- Online WordPress Security Scan for Vulnerabilities | WP Sec
- WordPress Security Scan | HackerTarget.com
Réseaux
Cyberguerre et influence
Articles non classés
- http://www.internetsociety.org/sites/default/files/BPSecurity_Resilience-FR_0.pdf
- http://www.net-security.org/dl/insecure/INSECURE-Mag-48.pdf
- http://www.ssi.gouv.fr/administration/bonnes-pratiques/
- http://www.internetsociety.org/sites/default/files/BPSecurity_Resilience-FR_0.pdf
- http://www.latribune.fr/technos-medias/internet/la-cybercriminalite-est-la-nouvelle-menace-du-xxie-siecle-485152.html
- http://www.journaldunet.com/solutions/securite/hacking.shtml
- https://fr.news.yahoo.com/confessions-d-voleur-d-identit%C3%A9-%C3%A0-lire-absolument-071324194.html (obsolète)
- https://www.facebook.com/notes/php/installing-and-securinghardening-lamp-latest-version-apache-24-php-56-mysql-56-i/10152909782215681
- http://www.cert-ist.com/fra/ressources/Publications_ArticlesBulletins/Environnement_Microsoft/ApiHooking/
- http://www.indexel.net/dossier/securite.html
- http://www.zdnet.fr/actualites/externaliser-la-securite-les-solutions-saas-evoluent-au-dela-des-fonctions-de-base-39750682.htm
- http://www.gsdays.fr/
- http://heideri.ch/jso/#charset
- http://www.secuobs.com/
- http://blog.whatwg.org/whats-next-in-html-episode-2-sandbox
- http://www.veracode.com/blog/2010/05/html5-security-in-a-nutshell/
- http://www.pcworld.com/businesscenter/article/203794/html5_raises_new_security_issues.html
- APT http://blog.crysys.hu/2014/11/new-anti-apt-tools-are-no-silver-bullets-an-independent-test-of-apt-attack-detection-appliances/
- http://www.01net.com/editorial/519753/telechargement-cinq-logiciels-pour-presenter-ses-photos/
- http://pro.01net.com/editorial/514994/qubes-le-linux-blinde-base-sur-xen/
- http://www.surete-securite.com/actualites/le-cloud-reveille-la-paranoia-de-la-securite-dans-les-entreprises-pour-le-meilleur_891571
- http://www.surete-securite.com/actualites/cybercriminalite-il-y-a-des-pirates-parce-qu-il-y-a-des-clients-specialiste_891576
- http://www.nsa.gov/ia/_files/factsheets/rhel5-pamphlet-i731.pdf
- http://www.nsa.gov/ia/_files/os/redhat/NSA_RHEL_5_GUIDE_v4.2.pdf
AWS
Failles
- https://blog.ropnop.com/extracting-ssh-private-keys-from-windows-10-ssh-agent/
- https://www.nextinpact.com/brief/ssd-crucial-et-samsung—des-failles-sur-le-chiffrement-permettent-de-recuperer-les-donnees-6372.htm
DNS
- http://www.computerworld.com/article/2872700/6-dns-services-protect-against-malware-and-other-unwanted-content.html
- http://www.computerworld.com/article/2874926/dns-tips-and-tricks.html
Chiffrement/Vie privée/Clés/SSH/Crypto
- http://www.bortzmeyer.org/crypto-protection.html
- http://www.phcomp.co.uk/Tutorials/Unix-And-Linux/ssh-check-server-fingerprint.html
- https://www.coursera.org/course/crypto
- https://korben.info/cle-recuperation-bitlocker-windows-10.html (modification clé chiffrement BitLocker)
Secure Partitions
UNIX / Linux
Windows
- http://www.windowsutilities.net/astuces/utiliser-outil-suppression-logiciels-malveillants.html
- http://technet.microsoft.com/en-us/library/gg236605.aspx – Windows Server 2008 R2 Security Baseline
Gestion des licences windows
- http://www.zdnet.fr/actualites/avec-windows-10-microsoft-change-sans-bruit-les-regles-de-l-activation-39823542.htm
- https://www.vulgarisation-informatique.com/forum-9-19818-1–Windows-10–Trouvercle-de-licence-etProduct-ID.php
Sécurité des mobiles
Coût et activité de la cybercriminalité
- https://www.whitehouse.gov/wp-content/uploads/2018/02/The-Cost-of-Malicious-Cyber-Activity-to-the-U.S.-Economy.pdf
- https://csis-prod.s3.amazonaws.com/s3fs-public/publication/economic-impact-cybercrime.pdf
Simulations diverses
- http://enigmaco.de/enigma/enigma.html
- https://siecledigital.fr/2019/02/21/surfez-comme-en-1990-cern/
Outils à connaître
- etcd : CoreOS
- rkt (rocket)
- http://www.zdnet.com/article/thousands-of-etcd-server-installs-are-leaking-credentials/
Information
MISC • Hakin9 • Phrack • Réseaux & Télécoms • Hackademy Magazine • SANS Institute • Securityfocus
Lexique (par Sophos)
Autres (pas forcément sécurité)
- Prospective : https://www.letemps.ch/culture/bombe-mathematique
- Quitter iOs : sur 01net ?
- Mathématiques concrètes, Fondations pour l’informatique (D. Knuth, O. Patashnik, R. Graham), Eyrolles