La cybersécurité, marché en plein boom pour les industriels de la défense – AFP

De Patrick RAHIR (AFP)

PARIS — Attaques de pirates, espionnage industriel et virus destructeurs ont fait de l’internet la cinquième dimension de la défense et les industriels se bousculent sur ce marché en plein boom.

Les Etats-Unis ont inculpé mardi cinq pirates, dont certains affiliés au groupe de hackers Anonymous accusés d’attaques qui auraient fait au total un million de victimes, dont des gouvernements et de grandes entreprises. More »

Abandoned Traditional Security Metrics

An interesting argument made by Joshua Corman during the conference debate “Metrics are Bunk!?: A Zombie Apocalypse, Football/Soccer & Security Metrics” at the RSA Conference on October 13th 2011 is strongly convergent with Satorys’ position that security intelligence must be empirically extracted from real-life data, rather than dogmatically devised from theoretical studies. More »

SCADA systems increasingly among APT targets

Industrial control systems, just like other IT systems, have growing connectivity and usability requirements – proportionally, their vulnerability is growing. When you factor in that cyber-attacks are increasingly being sponsored by governments, you understand news such as Stuxnet, Duqu, or the one mentioned below. More »

Major data-theft attack highlights effectiveness of targeted client-side APTs

Recent news is highlighting once again how devastating targeted client-side attacks can be (Advanced Persistent Threats). I’ve explained in my article A New Computer Security Gold Standard why such attacks are possible. The most important reason is reliance of security schemes upon signature databases, an approach nowadays utterly anachronistic. More »

Satorys positively contributed to debates that gathered corporate executives and policy makers during ITU’s World Telecom 2011

Satorys contributes to debates at ITU World Telecom 2011.

Marco Ricca’ contribution on Data: Free and Priceless:

Marco Ricca, CEO at Satorys, was speaker on Wednesday 26, October 2011 for “Data: Free and Priceless: Data is the new currency of the online world, with some observers suggesting that free access to data could drive fresh economic growth and entrepreneurialism. Governments are starting to experiment with the potential of open data in making government more accessible, responsive and useful to their citizens. More »

Satorys is recognised by several international news outlets as one of the leading exhibitors having presented groundbreaking innovation during ITU’s World Telecom 2011

ITU Telecom World 2011 will play host to participants from across the globe and from all walks of the industry including some 250 global leaders spanning Heads of State and Government, Ministers, city mayors, industry CEOs and technology gurus, who will come together to share their vision and knowledge, shape global industry policy and collaborate on a Manifesto for a connected world. As the leading UN Agency for ICT issues, ITU will use its strengths to gather a mix of leaders of government and industry. More »

IMPACT, the cybersecurity executing arm of the ITU, enters into a strategic partnership with Satorys

Satorys’ unique ability to combat modern threat is recognised by a major global player

Geneva, Switzerland, on October 26th 2011 – Satorys, a leading IT Security company, has established during the ITU World Telecom 2011, a strategic partnership with IMPACT (International Multilateral Partnership Against Cyber Threats).

More »

Le Parti Pirate suisse porte plainte contre un cheval de Troie étatique

Après l’Allemagne, la Suisse est à son tour touchée par une polémique sur un cheval de Troie installé par la police sur les ordinateurs des citoyens. Cette fois, nos voisins de l’autre côté des Alpes l’ont utilisé à quatre reprises dans le but d’arrêter des pédophiles. La méthode fait débat en Suisse, au point que le Parti Pirate Suisse (PPS) a décidé de porter plainte contre X cette semaine. More »

A New Computer Security Gold Standard

published on Banking Solutions 2011

The financial and IT security industries have one thing in common: they are both undergoing a major paradigm shift. Have mainstream beliefs been wrong after all? Have supposedly unshakable edifices been standing on clay feet? Both communities are looking for their 21st century gold standard.

More »

La cybercriminalité a coûté 114 milliards de dollars en 2010

AFP – 7 sept. 2011

La cybercriminalité a coûté 114 milliards de dollars (environ 81 milliards d’euros) et fait 431 millions de victimes dans le monde en 2010, selon une étude publiée mercredi par le fabricant d’un logiciel antivirus Symantec. More »

RSA Attack Analysis: Lessons Learned

Last week was published an interview lead by Kapersky team to debate about the RSA targeted attack that took place some weeks ago. This interview is very valuable because RSA participate to this interview and is totally honest about what happened and how the attack succeeded. It’s very rare to have such Post Mortem analysis with honest answers from the company targeted. Therefore we decided to sum up this interview for you to take advantage of ones mistake and learn from this recent targeted attack.

More »

Hacker ‘Armageddon’ Forces Symantec, McAfee to Seek Fixes

This insight from Bloomberg confirms what we’ve been stating, and that now the industry readily acknowledges:

- The signature-based protection paradigm is overly anachronistic – relying on “a priori” enumeration of threats for one’s safety doesn’t make any sense anymore. More »

Satorys in the BigData Trend

We live in digital world challenged by burgeoning quantities of data; according to IDC, the world’s data doubles every 18 months. This strongly exponential growth presents massive opportunities and serious challenges. More »

Réaction a la publication du 20 juin 2011 de Q1Labs

Dans l’article Q1 Labs : 41% des atteintes à la sécurité ont laissé des traces dans les logs, un éditeur SIEMS «Q1Labs » réagit sur le sujet du Log Management et notamment sur le fait que près de 41% des brèches sont visibles clairement dans les logs. More »

Lockheed Martin IT network attacked & Protection paradigm

Ces dernières années, nous sommes rentrés dans un nouveau paradigme de cyber-sécurité. C’est l’émergence de ce nouveau paradigme qui explique la multitude de cas similaires à celui de Lockheed Martin publiés ces derniers mois (Google, Sony, Parlement Européen, Stuxnet, attaques Chinoises, Nonghyup, et beaucoup d’autres). More »

APT: Cyber Attacks to the next level

APT Advanced Persistent Threat is a really popular term lately in the cyber security ecosystem. What is it concretely? More »

Recrudescence des cyberattaques visant à paralyser des sites Web et à causer du tort aux prestataires de services

Confédération Suisse – Berne, 19.04.2011 – Les cyberattaques visent toujours en priorité à rendre les sites Web inaccessibles ou à les infecter par des maliciels. Mais les mobiles ont changé: les actes de vengeance, la volonté de nuire à la concurrence ou les agressions à mobiles politiques ont pris le relais du simple vandalisme. Le ver Stuxnet montre encore que presque tout système est exposé à des cyberattaques. Ces thèmes et d’autres sont au cœur du douzième rapport semestriel de MELANI. More »

The importance of Agile software development methods in MSSP

Agile software development is a group of software development methodologies based on iterative and incremental development, where requirements and solutions evolve through collaboration between self-organizing, cross-functional teams.

Concretely for MSSP such as Satorys it means that it allows to be very reactive to take into account new inputs and updates about security functionnalities and vulnerabilities to integrate it into our software release. More »

Les abonnés PlayStation de Sony piratés

Le géant au pied d’argile Sony a vu ses systèmes piratés avec un vol d’information très important en terme de quantité (77 millions d’utilisateurs impactés) que de qualité (données personnelles et bancaires des utilisateurs). More »

ENISA – Botnets Detection, Measurement, Disinfection & Defence

Batard Florent, R&D manager at Satorys:

The European Network and Information Security Agency has released a great report concerning the botnets and the way to mitigate them. More »

Guide to Computer Security Log Management

The American National Institute of Standards and Technology published in 2006 a good guide regarding log management. This guide provides a wide set of recommendations to get familiar and enpower your log management. It embeds all the basics to begin with log management and to have a robust log handling architecture.

More »

Malware Infections and User Privacy Protection

This post aims at presenting a concrete setting of the TrueFlow product, adopted recently by a national telecommunication carrier Abuse Management to detect malware-infected customers. More »

Marco Ricca presents the New TrueBoard Interface

We are proud to present TrueBoard’s brand new, re-designed interface.

More »

One Third of EU Citizens Caught Virus in 2010

An EUROSTAT study out recently reveals that In the EU27 in 2010, almost one third of individuals (31%) who used the Internet reported that they caught a virus or other computer infection resulting in loss of information or time. 4% reported that they suffered from an abuse of personal information sent on the internet or other privacy violations. More »

TrueChannel Leveraged for Internet Freedom

Big news was announced this week-end ! On the occasion of Reporters without Borders’ World Day Against Cyber Censorship, Satorys’ R&D Lab presented a customized version of TrueChannel called SafetyOverIP, offered for free to selected journalists and NGOs in the world. More »