SSI RH – 1-2-3-Cyber: a serious game for awareness-raising

1,2,3 Cyber is a board game on the theme of cybersecurity that, in a playful way, raises awareness among 11-14 year olds of the risks of the Internet and of the good reflexes and good practices to adopt.

This game is the result of a collaboration between the association CCJ and the consulting firm Wavestone, with the participation of the Cybermalveillance scheme.

https://github.com/wavestone-cdt/1-2-3-Cyber

SSI VEILLE – Who controls the Internet?

By Damien Leloup. Published 1 September 2011 at 19:46 – Updated 14 March 2012 at 18:47

Following the publication of our article on the Commotion project, which makes it possible to create uncensored, easy-to-deploy computer networks in dictatorial countries, many readers asked us who controls the Internet today. Because of its decentralized nature, the Internet is not "controlled" by any single body, state or company. Contrary to a widespread idea, the network is not a totally free "jungle" either: at every level, numerous bodies exercise, or can exercise, control or censorship over the information that circulates on it.

https://www.lemonde.fr/technologies/article/2011/09/01/qui-controle-internet_1566544_651865.html#CP6LihRev4d6LPbl.99

SSI PDT – Operation Poisoned News – Mobile Malware via Local News Links

From Trend Micro

By Elliot Cao, Joseph C. Chen, William Gamazo Sanchez, Lilang Wu, and Ecular Xu

A recently discovered watering hole attack has been targeting iOS users in Hong Kong. The campaign uses links posted on multiple forums that supposedly lead to various news stories. While these links lead users to the actual news sites, they also use a hidden iframe to load and execute malicious code. The malicious code contains exploits that target vulnerabilities present in iOS 12.1 and 12.2. Users that click on these links with at-risk devices will download a new iOS malware variant, which we have called lightSpy (detected as IOS_LightSpy.A).

https://blog.trendmicro.com/trendlabs-security-intelligence/operation-poisoned-news-hong-kong-users-targeted-with-mobile-malware-via-local-news-links/

SSI EXP RES PDT – Microsoft Shares Tactics Used in Human-Operated Ransomware Attacks

Defense measures against human-operated ransomware attacks

Microsoft advises security teams and admins at organizations that might be targeted in the future by this type of ransomware campaign to take defensive measures designed to block common attack techniques or at least dramatically reduce their effectiveness.

The Microsoft Defender Advanced Threat Protection (ATP) Research Team recommends implementing these mitigation measures against human-operated ransomware attacks:

• Harden internet-facing assets:

– Apply latest security updates

– Use threat and vulnerability management

– Perform regular audit; remove privileged credentials

• Thoroughly investigate and remediate alerts:

– Prioritize and treat commodity malware infections as potential full compromise

• Include IT Pros in security discussions:

– Ensure collaboration among SecOps, SecAdmins, and IT admins to configure servers and other endpoints securely

• Build credential hygiene:

– Use MFA or NLA, and use strong, randomized, just-in-time local admin passwords

– Apply principle of least-privilege

• Monitor for adversarial activities:

– Hunt for brute force attempts

– Monitor for cleanup of Event logs

– Analyze logon events

• Harden infrastructure:

– Use Windows Defender Firewall

– Enable tamper protection

– Enable cloud-delivered protection

– Turn on attack surface reduction rules and AMSI for Office VBA

https://www.bleepingcomputer.com/news/security/microsoft-shares-tactics-used-in-human-operated-ransomware-attacks/