
“Introduction to Cybersecurity in Space Systems” with Tim Fowler is coming up during the March summit, The Most Offensive Con that Ever Offensived – Bypass Edition!


Tim Fowler will provide a training course called “Introduction to Cybersecurity in Space Systems” at “The Most Offensive Con that Ever Offensived – Bypass Edition” event.

This event is organized by Antisyphon Training. This event will take place from 13 to 15 March, 2024.

  • Summit: March 13, 2024
  • Summit Training: March 14-15, 2024

About the course “Introduction to Cybersecurity in Space Systems”

Introduction to Cybersecurity in Space Systems is a course designed to expose cybersecurity professionals to the concepts and implementations of space systems, including the ramifications and impacts security can have on a mission.

In this course each element is broken down into its most basic components and we look at how proper security can be applied; what tradeoffs must be made and many of the operational constraints governing every design decision.

This course walks students through each of the segments that make up a space system, the subsystems that comprise a spacecraft, and the ways that each needs to be defended from attacks.

This course also includes multiple hands-on labs that will walk students through the process of implementing a custom ground station solution, a virtual satellite with simulated subsystems, and executing simulated attacks against both.

At the completion of this course, students will have a fundamental knowledge and understanding of space systems, how and where security can be implemented, and a set of tools they can use to further their knowledge and experience.

If you want to know what you will learn in this course, check the Antisyphon Training website here.

About Tim Fowler

Tim Fowler is an offensive security analyst and penetration tester who joined the team at Black Hills Information Security in 2021.

Tim has obtained and maintains multiple industry certifications (OSCE, OSCP, OSWE, CRTO, CRTL, CISSP) and has leveraged his skills and knowledge both in consulting as well as working internally in multiple security roles within Fortune 100 financial institutions.

He frequently contributes to the infosec community by speaking at conferences, writing blogs, and participating in webcasts. He continues to hone his skills and abilities by having a research-minded focus and not being afraid to fail in the process of learning.

Tim previously did a presentation at BSIDES St. Louis 2023 hacking education conference.

BSIDES St. Louis 2023 is a hacking education conference that took place on Oct 14, 2023 at St. Charles Community College in Missouri state (United States).

The presentation of Tim Fowler was called: A brief introduction to cybersecurity in Space; The Past, Present, & Future.

I was very proud to be featured by Tim Fowler in his presentation for my work on the Viasat attack analysis.

About the summit, The Most Offensive Con that Ever Offensived – Bypass Edition!

Is it the best defense is a good offense or the best offense is a good defense? For all the defenders out there, wouldn’t it be nice to understand the mind of an offensive security professional? And for all the offensive security professionals, wouldn’t it be amazing to learn from others who think about all the best ways to bypass defenses.

Join the Antisyphon Training team for hours of stimulating offensive talks, panels, and hopefully rants about what we can do to keep this arms race from growing cold.

This is a free event, where you can connect with your fellow attendees through Discord and Zoom chat! Keep the comments and memes flowing as our speakers share their knowledge with the community.

Learn to throw and take a punch at The Most Offensive Summit that Ever Offensived… again.

Find below my certificate of completion

To know more

Aerospace cybersecurity manuals bundle : satellites, drones, airplanes, and signals intelligence systems

Angelina Tsuboi is a programmer, mechatronics developer and engineer, a pilot, a scientific researcher and a cybersecurity researcher. She is currently working for NASA. She is interested in educating others about the exciting field of aerospace cybersecurity in conjunction with developing her own programs and research in the field.

She is dedicated to advancing technology by developing inventions and conducting eclectic scientific research.

She is focused on applying computational and artificial intelligence to research fields such as electromagnetism, astrophysics, quantum mechanics, and biology.

To celebrate the holiday season, Angelina created comprehensive guides centered around aerospace cybersecurity, exploring concepts across satellites, drones, aircraft, and beyond — all at a special holiday discount.

Complete Aerospace Cybersecurity Bundle

This is a bundle of four extensive step-by-step manuals covering aerospace cybersecurity.

This bundle includes : Aerospace Cybersecurity: Satellite, Aerospace Cybersecurity: Drones, Aerospace Cybersecurity: Airplanes, Aerospace Cybersecurity: Signals Intelligence

Learn about aerospace cybersecurity, with this interactive step-by-step aerospace cybersecurity bundle. This bundle contains four manuals covering different subfields in aerospace security: satellites, drones, airplanes, and signals intelligence systems.

Topics Covered :

  1. Satellites: Learn about satellite communications systems and common vulnerabilities found within satellite firmware and programs.
  2. Drones: Uncover the vulnerabilities and intricacies of drone communication systems. Explore how malicious actors might exploit UAVs and learn about defensive strategies.
  3. Airplanes: Navigate the cybersecurity challenges in aircraft systems. Gain insights into the unique complexities of aviation networks, from in-flight data transmission to ground-based communications.
  4. Signals Intelligence: Dive into modern electronic warfare with a focus on signals intelligence. Understand how SIGINT plays a role in deciphering, intercepting, and analyzing communications, offering a crucial advantage in safeguarding aerospace systems.

Aerospace Cybersecurity: Satellites

Learn more about aerospace cybersecurity, with this interactive step-by-step satellite security manual. This guide walks you through satellite communication basics to advanced satellite signal analysis and protocol exploitation via programs and immersive labs.

Topics Covered :

  1. Satellite Communication Basics: Build a strong foundation in satellite communication, exploring frequency bands, modulation techniques, and transmission protocols.
  2. Satellite Tracking and Identification: Master advanced methods like orbital parameter analysis, radio frequency monitoring, and optical tracking. Understand the critical role of accurate tracking for defense and attack scenarios.
  3. Satellite Vulnerabilities and Threats: Delve into the vulnerabilities satellites face, from weak encryption to physical attacks. Learn to defend against potential threats effectively.
  4. Satellite Signal Analysis: Acquire skills in decoding and interpreting satellite signals, including telemetry, tracking, and control signals. Understand hacker techniques and how to thwart them.
  5. Satellite Protocol Exploitation: Uncover security weaknesses in communication protocols like TCP/IP, DVB-S, and CCSDS. Gain practical experience in exploiting and mitigating these vulnerabilities.

Aerospace Cybersecurity: Drones

Learn more about aerospace cybersecurity, with this interactive step-by-step drone security manual. This guide walks you through UAV communication basics to advanced digital forensics and RF communication exploitation via programs and immersive labs.

Topics Covered :

  1. Drone Systems and Threat Modeling: Decode the fundamental components, architecture, and threat modeling techniques, providing insights into potential vulnerabilities.
  2. Drone Identification and Tracking: Master the art of recognizing drone identifiers and implementing tracking methods, including RF triangulation, GPS tracking, and radar systems.
  3. Ground Control System: Uncover the pivotal role of ground control systems, identifying vulnerabilities and fortifying security measures.
  4. Drone Digital Forensics: Navigate the realm of digital forensics tailored to drone incidents. Acquire skills to investigate, analyze digital evidence, and reconstruct events.
  5. Radio Communications and Protocols: Gain proficiency in wireless communication protocols such as Wi-Fi, radio control, and cellular networks. Learn to intercept and analyze drone communications.
  6. Countermeasures and Defense: Arm yourself with knowledge to safeguard drones against potential threats. Explore encryption, authentication, RF signal jamming, and other defense techniques.

Aerospace Cybersecurity: Signals Intelligence

Learn more about aerospace cybersecurity, with this interactive step-by-step signals intelligence for aerospace security manual. This guide walks you through aerospace signals communication basics to advanced modulation techniques via programs and immersive labs.

Topics Covered :

  1. Conceptual Understanding of Satellite, Drone, and Aircraft Communication Systems: Gain a deep insight into the communication frameworks of satellites, drones, and aircraft, laying a robust conceptual foundation for further exploration.
  2. Decoding Aerospace Transmissions: Acquire practical skills in decoding complex transmissions, unraveling the intricacies of communication protocols employed in aerospace systems.
  3. Relevant RF Analysis Tools for Enhanced Cybersecurity: Familiarize yourself with essential tools such as GNU Radio, SatDump, and Fissure, honing your ability to perform precise and effective RF analysis.
  4. Packet Decoding and Reverse Engineering: Master the art of packet decoding and reverse engineering, crucial skills for understanding and manipulating data within aerospace communications.
  5. Emerging Prevalence of SIGINT in Modern Electronic Warfare: Explore the evolving landscape of signals intelligence in the context of modern electronic warfare, understanding its growing significance.
  6. Defensive Strategies to Safeguard Aerospace Systems: Equip yourself with defensive strategies to fortify aerospace systems against common RF attacks, ensuring the resilience of critical communication infrastructure.

Aerospace Cybersecurity: Airplanes

Learn more about aerospace cybersecurity, with this interactive step-by-step airplane security manual. This guide walks you through airplane telemetry and subsystem basics to radar interpretation and in-flight entertainment system firmware analysis via programs and immersive labs.

Topics Covered :

  1. Aircraft Attack Surfaces and Threat Modeling : Uncover vulnerabilities in aviation systems and build threat models to proactively identify potential risks.
  2. Internet of Wings (IoW): Navigate the connectivity landscape of aviation and learn to secure the Internet of Things (IoT) soaring through the skies.
  3. Threat Modeling and Mitigation : Delve into aviation-specific threat modeling techniques and mitigation strategies to fortify aerospace systems.
  4. Secure Communication with Ground Control : Master the art of ensuring secure and reliable communication between aircraft and ground control.
  5. Securing Passenger Wi-Fi and Inflight Entertainment Systems : Explore the challenges of securing passenger amenities while ensuring a safe and enjoyable flying experience.
  6. ADS-B and Radar Systems : Gain insight into vulnerabilities associated with Automatic Dependent Surveillance–Broadcast (ADS-B) and radar systems.
  7. Regulatory Framework and Compliance : Navigate the complex landscape of aviation regulations, including FAA and ICAO standards, to ensure compliance.
  8. Data Encryption and Protection : Master the intricacies of encrypting and protecting sensitive aviation data against cyber threats.
  9. Incident Response and Recovery Planning : Develop comprehensive incident response and recovery plans tailored to aviation cybersecurity incidents.

More Information

All these guides and manuals are created and written by Angelina Tsuboi for the Stellaryx Labs team.

Stellaryx Labs provides high quality training, consulting, education, and development services at the nexus of software, security, and aerospace.

You can either purchase each individually or get all of them as a bundle at a special discount !

« Aerospace Cybersecurity: Satellite Hacking » course review

I just successfully completed the comprehensive course on « Aerospace Cybersecurity: Satellite Hacking » and successfully passed the final exam with a result of 90%.

This course is led by Angelina Tsuboi in collaboration with PenTest Magazine. This course was for me an incredible journey that I started in September 2023.

In this course, I developed my skills in: Satellite reconnaissance, Communication Analysis and Eavesdropping, Reverse Engineering and Decoding Communication, Vulnerabilities and Attacks.

The final exam was very challenging. There were purely cybersecurity questions that were easy for me to answer. But there were also questions of a more general nature that were very challenging.

In this course, I covered the following topics: Orbital Mechanics, Satellite Reconnaissance, Decoding Satellite Communication, Satellite On-Board Systems, Listening to Satellites via Radio Frequencies, Vulnerability Analysis of Satellites, Common Attacks employed against satellites, Detection of satellite hacking.

I got skills about: OSINT for satellite systems and Operations, Satellite Tracking, Satellite Eavesdropping and Packet Decoding, Satellite Signals Intelligence, Satellite Attack Understanding, Satellite File and Data Forensics, Attack Mitigation and Threat Modeling.

At the end of the course, we explored the Future of Satellite Cybersecurity like SpaceOS, 5G satellite, Quantum Cryptography, Quantum Encryption.

In conclusion, this Satellite Cybersecurity course will provide a comprehensive understanding of satellite hacking techniques, along with the tools and strategies required to defend against them using digital forensics and attack vector detection.

I highly recommend this course to anyone interested in exploring the fascinating realm of satellite cybersecurity. It offers a comprehensive learning experience that equips you with the tools and knowledge necessary to navigate and safeguard satellite systems effectively.

Special thanks to the amazing instructor Angelina Tsuboi and the entire course team with Bartłomiej Adach for their dedication and expertise in curating such an enriching educational experience.

To know more about this course : here

ethicallyHackingspace (eHs)® h4ck32n4u75™ (Hackernauts) Community Member

I’m very proud to have been chosen as ethicallyHackingspace(eHs)® h4ck32n4u75™ (Hackernauts) Community Member. Thanks to William Ferguson for this distinction.

The “h4ck32n4u75™” badge, pronounced “hackernauts,” symbolizes a dedication to evaluating, safeguarding, and pioneering avant-garde solutions for conventional and emerging #space platforms.

As a proud member of the ethicallyHackingspace(eHs)® Community, this badge underscores a commitment to ethical hacking practices and innovation in space technology.

I’m very proud to have officially joined the innovative ethicallyHackingspace(eHs)® community and to become one of the enthusiastic community h4ck32n4u75™ (Hackernauts).

Credential Verification : https://app.certifyme.online/verify/e733db9410690

My cybersecurity review for 2023


What an incredible end to 2023. I’ve had some wonderful experiences. I’ve successfully met many challenges in cybersecurity.

  • I did an analysis of the Viasat cyber attack with the MITRE ATT&CK® framework (more here) and I wrote a post mortem investigation. More here
  • My work about the analysis of the Viasat Cyber Attack has been quoted and highlighted by Tim Fowler in his presentation at BSIDES St. Louis 2023 hacking education conference (more here).

  • I was interviewed by The Interstellar Integrity (i2) magazine released by ethicallyHackingspace(eHs)® about my passion for space and cybersecurity. Thanks to William Ferguson. More here

I’d like to thank everyone who follows me and supports me. I hope all the information I share with you is interesting and helps you keep up to date and learn more.

Stay tuned because 2024 promises to be just as incredible. See you next year. Until then, take care.

23 Tips to Pass CCSK (Certificate of Cloud Security Knowledge) from CSA at the first attempt


At the beginning of April 2020, I successfully passed the CCSK certification (Certificate of Cloud Security Knowledge). Now, I give you some tips and tricks below so that you can also pass the exam on the first try.

What is CCSK certification ?

The CCSK is a “vendor neutral” certification on Cloud security. It is considered to be the “state of the art” in Cloud security. It was created in 2010 by the CSA (Cloud Security Alliance) an organization that pilots the STAR (Security, Trust & Assurance Registry) program whose objective is to provide and maintain a high standard to enable independent auditing bodies to deliver certification levels to the different Clouds on the market.

The CSA regularly publishes reference documents to promote best practices in Cloud security. The CSA also leads and organizes several working groups and research projects in which member companies can participate to advance the field of Cloud security.

How do I register for the CCSK exam ?

The CCSK is a distance exam (not in an exam centre), online on the web and “open book” (study material available). Unlike most other certifications, the CCSK, in its past version (currently v4), is valid for life. It is not necessary to prove any experience to take the exam. There is also no annual payment or CPE (Continuous Professional Education) to maintain certification.

The cost of the exam is $395 USD and allows for two attempts. If you pass the first attempt, you will be able to use the second attempt when a new version of the CCSK is released. An exam token is valid for two years from the date of purchase.

To register for the exam, go to https://ccsk.cloudsecurityalliance.org/en

What is the content of the CCSK ?

The current CCSK v4 version has existed since December 1, 2017. It underwent an important update compared to the previous version v3, including the latest Cloud technologies (micro-service, serverless, container, SDN, Big Data, IoT, etc.).

The exam is composed of 60 questions to be completed in 90 minutes. Questions are of type A/B/C/D/E or True/False. Once the exam is launched, it is not possible to pause it. The minimum score to pass the exam and obtain certification is 80%. The pass rate for the exam is 62%.

You get your result immediately at the end of the exam with your overall score and by domain to identify your areas for improvement. If you pass the exam, you can even download your certificate. However, answers to questions are not provided in order to preserve the integrity of the exam. There is an exam preparation kit and FAQs available for download from the CSA website : https://ccsk.cloudsecurityalliance.org/en/faq

What is the CCSK study material?

The CCSK exam tests the candidate on the content of 3 documents that can be downloaded free of charge from the CSA website : https://cloudsecurityalliance.org/education/ccsk/#_prepare

Together, these 3 documents represent the CBK (Common Body of Knowledge) of the CCSK exam. They are:

  1. CSA Security Guidance for Critical Areas of Focus in Cloud Computing v4
  2. CSA Cloud Controls Matrix (CCM)
  3. ENISA (European Network and Information Security Agency) Whitepaper Cloud Computing: Benefits, Risks and Recommendations for Information Security

The 14 areas of the CSA Security Guidance are as follows:

Domain 01 : Cloud Computing Concepts and Architectures
Domain 02 : Governance and Enterprise Risk Management
Domain 03 : Legal Issues, Contracts and Electronic Discovery
Domain 04 : Compliance and Audit Management
Domain 05 : Information Governance
Domain 06 : Management Plane and Business Continuity
Domain 07 : Infrastructure Security
Domain 08 : Virtualization and Containers
Domain 09 : Incident Response
Domain 10 : Application Security
Domain 11 : Data Security and Encryption
Domain 12 : Identity, Entitlement, and Access Management
Domain 13 : Security as a Service
Domain 14 : Related Technologies

The important concepts of the ENISA document are as follows:

- Information Security
- Isolation failure
- Economic Denial of Service
- Licensing Risks
- VM hopping
- Five key legal issues common across all scenarios
- Top security risks in ENISA research
- OVF
- Underlying vulnerability in Loss of Governance
- User provisioning vulnerability
- Risk concerns of a cloud provider being acquired
- Security benefits of cloud
- Risks R.1 – R.35 and underlying vulnerabilities
- Data controller versus data processor definitions
- In IaaS, who is responsible for guest systems monitoring

The important elements of the CSA CCM (Cloud Controls Matrix) to be aware of are the following:

- CCM Domains
- CCM Controls
- Architectural Relevance
- Delivery Model Applicability
- Scope Applicability
- Mapped Standards and Frameworks

By far the most important document is the CSA Security Guidance. It alone accounts for 87% of the questions in the exam. The CSA CCM represents 7% and the ENISA report 6%.

The exact distribution of the number of questions per domain is as follows:

My preparation for the CCSK

My study material

In addition to the official study material, I also used two other documents that helped me a lot:

  • « CSA Guidance Summary in 60 minutes » : This is a very good 25-page summary of the CSA Security Guidance v4. I printed it for review and had it in PDF during the exam.

  • « CCSK All-in-One Exam Guide » from Graham Thompson : It is an excellent review guide that I highly recommend and which Peter van Eijk with whom I had the honour of discussing. Peter is also an official trainer for the CSA CCSK and I believe he is involved in the drafting committee for the questions. The book reviews with very good explanations the 14 areas of the CBK but also the ENISA and CCM document. At the end of each chapter, there is a “Chapter Review” which includes the essentials for the review. The book also includes 150 test questions which are very similar to those of the exam in terms of wording and difficulty. And finally, at the end of the book, there is a code to access an online simulator on the TotalSem site which contains 200 additional questions. (link to the book on Amazon)

  • I’d also like to mention Verisafe’s CCSK e-learning course with Boris Motylewski. I’ve had very good feedback on Boris’s training courses, and he’s very committed to helping you pass your certifications (CISSP, CCSK and soon CCSP). Two videos explain what CCSK is, the benefits of CCSK and how to become CCSK in 30 days. The example slides demonstrate the quality of the course material. They helped me understand the 35 risks identified by ENISA, the 11 major risks, the 23 assets potentially impacted (including those most at risk) and the top 7 vulnerabilities.

My study Plan

My passage of the CCSK certification was done under rather special conditions. Indeed, initially, I had to pass the CCSP (Certified Cloud Security Professional) certification. I had been revising the material for two and a half months when I learned that my exam in early April was postponed due to the Covid-19 pandemic that was circulating in France. In order to make the most of my study and the acquired knowledge, I decided around mid-March to try the CCSK exam which is done online and at home. The lock down period was convenient for the revisions: 1 hour in the morning before starting to telework (replacing travel time), 1 hour during the lunch break and 2 to 3 hours in the late afternoon, after the telework day and in the evening.

In two and a half weeks, I managed to read all the official study material plus additional study material. I tried more than 700 test questions (those in the book but also others on Udemy or found on the internet). I made about 100 Flashcards. I have viewed some videos on Youtube. I mostly took a lot of personal notes. As far as I’m concerned, it’s essential because it allows me to make last minute revisions but it also allows me to better remember everything I learn.

23 Tips to Pass CCSK at the First attempt

Link to the sheet (PDF).

  • #01 : Read all the material
  • #02 : Watch some training videos and read (e)books to better understand concepts
  • #03 : Read the « CSA Guidance Summary in 60 mn »
  • #04 : Write your personal notes (it’s better to memorize)
  • #05 : Understand well how cloud impacts processes
  • #06 : Understand benefits but also concerns of the cloud for each domain
  • #07 : Practice test questions to test your understanding and to train to use the material
  • #08 : Create a study plan and follow it
  • #09 : Read the question twice, read the answers and read again the question
  • #10 : Be careful about specific technology answers: They are often the wrong answer
  • #11 : Identify answers that are not cloud specific : They are often the wrong answer
  • #12 : Eliminate answers that are not related to the question
  • #13 : Always answer from a business perspective (Business drives Security)
  • #14 : Be careful with negative questions with NOT
  • #15 : Be careful with questions with words like “the MOST”, “the LEAST”, “IS”, “ARE”
  • #16 : If you don’t know the right answer, try to eliminate the bad answers
  • #17 : Identify key words in the question to search within the material
  • #18 : Use and practice « Advanced Search » function in your PDF reader to search key phrases throughout all the material
  • #19 : Know the structure of the material to find quickly the relevant domain to each question
  • #20 : It’s more comfortable to use two screens during the exam
  • #21 : Use Google Translate (or other) to translate difficult words in your native language
  • #22 : Test and rehearse your method and logistics for the exam
  • #23 : If you failed, don’t use your 2nd attempt in the same day or same week

What is the difference between CCSK and CCSP certifications ?

CCSP is the “Certified Cloud Security Professional”. It is a certification that was created in 2015 jointly by CSA, the organization that created CCSK and (ISC)², the organization that created the very famous and sought-after CISSP certification.

CCSP certification covers the following 6 areas:

- Domain 1 : Cloud Concepts, Architecture and Design
- Domain 2 : Cloud Data Security
- Domain 3 : Cloud Platform and Infrastructure Security
- Domain 4 : Cloud Application Security
- Domain 5 : Cloud Security Operations  
- Domain 6 : Legal, Risk and Compliance

If we were to do a mathematical operation, it would be this:

CCSP = CCSK + Expanded Governance Items + Traditional Security + Privacy – DevOps

Find below the articles to read to understand the difference between the 2 certifications:

Conclusion

Good luck and good studies to all. Keep in mind the following quote:

“In a journey it’s not the destination that counts but always the road travelled”

It is not the certification itself that is important but the knowledge you will acquire that will make you more competent. Certification is the icing on the cake or proof of the pudding.

Top #Cyber accounts to follow on LinkedIn

People often think of Twitter for keeping up with security news. But LinkedIn remains an excellent source of information in the cyber field. Below is a list of LinkedIn accounts to follow that I selected for the quality of their posts and the relevance of the information they share. Feel free to tell me in the comments if you know of others that could complete this list. I invite you to share it very widely to make them known and to contribute, at your level, to spreading cyber information and culture.

Martial Gervaise

Martial Gervaise is the Deputy Cyber Security Director of the Orange group. He is passionate about digital technologies and their uses. He regularly publishes highly relevant information on cybersecurity on LinkedIn, and his posts are often heavily commented on and reshared.

Matthieu Garin

Matthieu Garin is a Senior Manager in charge of business development for the cybersecurity service line at Wavestone. For more than 10 years he has advised CISOs on their cybersecurity challenges, mainly in the financial sector. He built the CERT-W team (formerly CERT-Solucom) in charge of security incident response. He currently focuses on the impact of recent innovations on security (machine learning, AI, Blockchain, …) with the aim of building new security models. His publications are always at the cutting edge of the news and often even first with the information. Matthieu gets to the point with a relevant summary that is always visually well presented so that it is pleasant to read.

Damien Bancal

Damien Bancal is a cybersecurity expert and specialist journalist. He has worked on high-tech, cybercrime and cybersecurity topics since the 1990s. He is the founder of the Zataz.com blog and of the Zataz alert protocol, which has been active in the cybersecurity field for years. He also hosts a “cybersecurity” segment launched in September 2019 on WEO TV, the television channel of Hauts-de-France. He regularly shares articles from his Zataz.com blog related to cyber news, with themes that often refer to GDPR, data breaches, ransomware, …

Gérôme Billois

Gérôme Billois is a cybersecurity partner at Wavestone. He is in charge of the business and international development of the firm’s global cybersecurity offering. He is a member of the board of directors of CLUSIF and of the ISO committee responsible for information security standardization. He is a co-founder of Club27001, dedicated to promoting the ISO 27001 standard. He regularly appears in the media to talk about cybersecurity.

Brian Krebs

Brian Krebs is a security professional. He is the author of the site KrebsOnSecurity.com, where he writes daily articles on information security and cybercrime. His main goal as a professional is to make computer security issues understandable, interesting and timely for his readers.

The Cyber Security Hub

The Cyber Security Hub is an English-language LinkedIn company account. Its posts are very frequent (several times a day) and often focus on infographics, guides, ebooks, …. According to them, they aim to encourage exchanges and discussions and to multiply conversations about cybersecurity in order to improve cyber culture. They aim to increase security skills and to widen the pool of skills and talent.

Cyber Security News, GBHackers On Cyber Security and Ethical Hackers Academy

The 3 accounts Cyber Security News, GBHackers On Cyber Security and Ethical Hackers Academy appear to be linked, because they carry almost exactly the same information. GBHackers on Security describes itself as an online cybersecurity platform. It publishes tutorials and investigations, and carries out research and tests on applications. Cyber Security News describes itself as an independent cyber news channel. It publishes the latest news on hackers, cybercrime, security incidents, security breaches, vulnerabilities, malware, …

ANSSI (Agence nationale de la sécurité des systèmes d’information)

ANSSI, the Agence Nationale de la Sécurité des Systèmes d’Information, needs no introduction. It is the national authority responsible for ensuring the security of the State's information systems and for contributing to that of nationally critical operators (opérateurs d’importance vitale, OIV). ANSSI also provides advice, expertise and technical assistance to prevent threats and handle incidents that affect digital security. Its objective is to promote digital trust and the development of the cybersecurity sector. It regularly publishes information on threat prevention, studies of attack methods, and information on protective measures. Its guides are widely distributed to various audiences and address the need to protect digital environments by promoting good cybersecurity practices and disseminating technical and methodological recommendations, while also contributing to the development of training in information systems security.

The Hacker News

The Hacker News is the LinkedIn page of the site thehackernews.com. Also known by the acronym THN, The Hacker News describes itself as a cybersecurity news platform with a strong reputation among security professionals as well as researchers, hackers, technologists and enthusiasts in general. Its posts present the latest cybersecurity news and in-depth coverage of current and future infosec trends.

But also

Philippe Vynckier, Hervé Schauer, Lionel GUILLET, Dominique Bourra, Benjamin Delpy, Gérard PELIKS, Frederic GOUTH, Vincent CHAPELET, …

And the others

I would have liked to follow the accounts below on LinkedIn, but they are not actively present there. Twitter remains the way to follow them: Korben, x0rz, SwitHack, Bruce Schneier, …

“De qui se MOOC-t-on ?” (a pun on the French for “Who are we kidding?”): a list of the best MOOCs on cybersecurity

Some time ago, I discovered the wonderful world of MOOCs. I wanted to find out what they were about by taking part in MOOCs related to cybersecurity, my professional field, and I was pleasantly surprised. I found that this medium is very instructive and makes it possible to convey clear, concise messages to the general public. I strongly recommend it to anyone who wants an introduction to a field, to get trained or to stay informed.

That is why I decided, by popular demand (from a certain Christophe), to write this article to bring together all the MOOCs, courses and training available online in the field of cybersecurity and information security.

If you know of others, do not hesitate to comment on this article so that I can add them. And above all, do not hesitate to share this article as widely as possible, because it is important to remember that security is everyone's business.

PS: any pun is independent of my own will (contact the same Christophe to find out more)

Online MOOCs

  • ANSSI MOOC (FR): A MOOC for learning about digital security. It brings together all the information needed to get started in cybersecurity or to deepen your knowledge. The MOOC is available free of charge until April 2021. Completing the whole MOOC earns you a certificate of achievement. https://secnumacademie.gouv.fr/
  • CNIL MOOC on the GDPR (FR): This MOOC brings together all the information needed to get started with the GDPR and to understand what is at stake in bringing your organization into compliance. The MOOC is free and available until September 2021. By following the MOOC, you can obtain a certificate. https://atelier-rgpd.cnil.fr/
  • INRIA MOOC “Protection de la vie privée dans le monde numérique” (FR): This MOOC, developed by Inria researchers, covers the notion of digital identity and the privacy problems associated with the use of digital tools. Apparently, this MOOC has been closed since 17 June 2019. You have to wait for it to be opened again. https://www.fun-mooc.fr/courses/course-v1:inria+41015+session03/about
  • INRIA MOOC “Code-Based Cryptography” (US): A MOOC on cryptography developed by INRIA. It presents the state of the art in cryptography. It covers the different existing cryptosystems (symmetric, asymmetric), coding theory, etc. This MOOC dates from 2016 but exceptionally remains open. https://www.fun-mooc.fr/courses/course-v1:inria+41006+archiveouvert/about
  • University of Brittany MOOC “Défis et enjeux de la cybersécurité” (FR): This MOOC aims to cover the main aspects of cybersecurity, both societal and technical. Apparently, this MOOC has been closed since 17 June 2019. You have to wait for it to be opened again. https://www.fun-mooc.fr/courses/course-v1:ubs+160001+session01/about
  • CNAM MOOC “Protection des données personnelles – le nouveau droit” (FR): This MOOC presents the rules that apply to data protection and privacy in France and in Europe. It provides an up-to-date presentation of the new applicable regulation. https://www.fun-mooc.fr/courses/course-v1:CNAM+01032+session02/about

Online courses and training

Udemy

  • Udemy is an online learning and teaching platform that offers thousands of courses on hundreds of topics. Udemy regularly runs promotions on cyber courses throughout the year (worth watching for). At the moment, most are at €10. Here is the link to the cybersecurity courses: https://www.udemy.com/courses/search/?src=ukw&q=cyber%20s%C3%A9curit%C3%A9

Security Symposium

  • Security Symposium is a set of videos sponsored by Intel and Red Hat that mainly cover securing new technologies such as containers, automating platform security and compliance testing, operational security management (patching, …), etc. Find it here: https://www.brighttalk.com/summit/4551-security-symposium/

[Book] The Battle Beyond: Fighting and Winning the Coming War in Space

Fundamentally, Paul Szymanski and Jerry Drew remind us that–more than just simply a clash of weapons–all warfare manifests as a competition between human minds. The same holds true in the battle beyond in outer space.

The contests of space warfare will test the knowledge, experience, fears, beliefs, stamina, and will of the people, their military commanders, and their political leadership like never before.

It is thus essential to prepare for the military implications of wars that extend into space, to root space warfare in the military thought of the past, to adapt it to the needs of the future, and to complete its integration as an essential part of the Western way of war.

Beginning with the word “war” itself, Szymanski and Drew guide the reader through a comprehensive consideration of the levels of warfare as viewed through the eyes of experienced space warfare practitioners. They make relevant centuries-old terms of art, linking the Napoleonic thought of the past to the network-dependent wars of the future and explaining esoteric disciplines like orbital warfare and electromagnetic operations in a way that will appeal to both novices and veterans of the discipline.

In so doing, they expand upon the existing lexicon of war, instructing the reader on how to fight and win the coming war in space. Rich in symbology, illustrations, and historical examples, this book could not come at a more critical time for the security of the United States and its Allies.

About the authors

Paul Szymanski and Jerry Drew – Source: Paul Szymanski’s LinkedIn page

Paul Szymanski has 49 years of experience in all fields related to space control: policy, strategy, simulations, surveillance, survivability, threat assessment, long-range strategic planning, and command and control. In addition, he has a comprehensive experience base, having worked directly with multiple services (Air Force, Army, Navy, Marines), civilian agencies (NASA, DARPA, FEMA), and from the Pentagon (Secretary of the Air Force) to systems development (Space and Missile Systems Center – SMC/ASP/XRJ), technology development (Air Force Research Lab) to operational field test (China Lake Naval Test Center).

Jerry Drew is currently the chief of joint space training in the Department of Joint, Interagency, and Multinational Operations at the U.S. Army Command and General Staff College. He holds a Bachelor of Science in art, philosophy, and literature from the U.S. Military Academy and a Master of Science in astronautical engineering from the Naval Postgraduate School where his thesis work focused on applied robotic manipulation using small spacecraft.

How to buy it

This book is available on Amazon here for 33,90€

Reaching for the Stars with Zero Trust: Space Domain Applications

In this article, we explore whether Zero Trust can be applied in the space domain, for example to satellites or space missions, and if so, how and why.

What is Zero Trust Architecture (ZTA)

The Zero Trust security model, coined by analyst firm Forrester Research, is a holistic approach to network security that mandates no user or machine should be implicitly trusted, either outside or inside of the network. The concept has evolved as a way to minimize cyber threats and data breaches by not granting automatic trust based on network location.

Understanding Zero Trust Principle and Architecture:

Zero Trust operates on the concept “Never Trust, Always Verify”. At its core, it’s designed to protect modern digital environments by leveraging network segmentation, preventing lateral movement, providing Layer 7 threat prevention, and including simplified granular user-access control.

In a Zero Trust architecture, security isn’t treated as a one-size-fits-all model. It aims to eliminate uncontrolled access to resources by assuming that a user, system, or device is potentially compromised, regardless of whether it is inside or outside the security perimeter.

Implementing Zero Trust includes, but is not limited to: identifying sensitive data, micro-segmentation, multi-factor authentication (MFA), real-time monitoring and analytics, and user access control.

Application & Scope:

Zero Trust can be applied to any IT environment, from on-premises data centers to public clouds, and from network to endpoints. This approach is highly effective in protecting users and data in today’s perimeter-less workplaces, where employees, contractors, and partners need to access applications from various locations, networks, and devices.

Importance & Future of Zero Trust:

The increasing complexity and fluidity of modern IT environments make traditional perimeter-based security models obsolete. Evolving security threats, remote workforces, digital transformation, cloud adoption, and complex supply chains have led to an increase in the number of digital touch-points that can serve as entry points for sophisticated cyberattacks.

Zero Trust’s focus on securing every access point points to a promising future for IT security. It emphasizes understanding the behavior of network users and devices, thereby enabling early detection and mitigation of potential threats. It offers greater visibility into network activities, lowers the risks of security breaches, and improves compliance by implementing granular data control.

From organizations looking to secure their remote workforces to businesses wanting to lock down their supply chains, Zero Trust is poised to become the new normal for cybersecurity. As entities come to grips with a ‘trust no one’ model, they will be better positioned to tackle the cybersecurity threats of the future.

Does Zero Trust apply to the space domain?

In theory, the Zero Trust model could feasibly be applied to the space domain. The fundamental principles of identity verification, least privilege access and real-time monitoring that define Zero Trust are universally important for any operational technology, including space missions or satellites.

Security in the space domain is critically important. Satellites and other space technology manage a wide range of sensitive data and information, from global positioning data to confidential national security information.

Why Apply Zero Trust in the Space Domain?

Protecting Sensitive Information: Considering the increasing cost and strategic importance of space systems, as well as the sensitivity of the data they handle, implementing a robust security posture like the Zero Trust model is crucial.

Remote Accessibility: Like many other systems in the digital age, space platforms are remotely accessed. Zero Trust principles don’t inherently trust any request for access, making it harder for an unauthorized user or a potential hostile actor to gain control.

Increased Cyber Threats: As technology advances, so does the sophistication of cyber threats. Applying Zero Trust principles can help protect against potential cyberattacks targeting space assets.

Implementing Zero Trust in Space Domain

To implement Zero Trust in the space domain, we need to consider several elements:

Authentication: Implement stringent verification measures to corroborate the identities of all users and devices that interact with the system.

Encryption: As data travels from Earth to space and back again, it needs to be encrypted to protect against interception.

Monitoring & Analytics: It’s crucial to monitor network behavior and traffic patterns continuously. Anomalies or irregularities can indicate potential threats that require immediate attention.

Limited trust: Only provide access to systems and data that are absolutely necessary for each user or device.

What are the challenges of applying Zero Trust in the Space Domain?

An interesting challenge here is the vast distance of space and the latency it imposes on operations. The implementation of Zero Trust will have to consider the time delay for authentications as well as a secure and efficient key exchange mechanism for encryption.

Thus, applying the principles of Zero Trust in the space domain offers an exciting opportunity for providing secure and reliable communications. While it presents unique challenges, given the importance of assets in the space domain, the need for enhanced security measures is undeniable, and a Zero Trust model may be the best way forward.
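
To make the authentication, limited-trust and monitoring elements concrete under the latency constraint described above, here is an added example (not from the original article or any real mission software): a simulated spacecraft that verifies every command frame on board with no round trip to the ground. The frame layout, identities, keys and command names are assumptions made for illustration, and encryption and key exchange are left out.

```python
import hashlib
import hmac
import struct

# Constructed demo data: identities, keys and command names are hypothetical.
KEYS = {"ops-1": b"k" * 32, "payload-1": b"p" * 32}
ALLOWED = {  # limited trust: each identity may issue only these commands
    "ops-1": {"SET_MODE", "REBOOT_OBC"},
    "payload-1": {"CAPTURE_IMAGE"},
}
TAG_LEN, SEQ_LEN = 32, 8

def sign_command(sender, seq, command, key):
    """Ground side: frame = 8-byte sequence number | body | HMAC-SHA256 tag."""
    header = struct.pack(">Q", seq)
    body = f"{sender}|{command}".encode()
    return header + body + hmac.new(key, header + body, hashlib.sha256).digest()

class Spacecraft:
    """On-board verifier: every frame is checked, none is trusted by origin."""

    def __init__(self):
        self.last_seq = {sender: 0 for sender in KEYS}
        self.audit = []  # every verdict is recorded for monitoring

    def receive(self, frame):
        verdict = self._check(frame)
        self.audit.append(verdict)
        return verdict

    def _check(self, frame):
        if len(frame) < SEQ_LEN + TAG_LEN + 3:
            return "REJECT malformed"
        header, body, tag = frame[:SEQ_LEN], frame[SEQ_LEN:-TAG_LEN], frame[-TAG_LEN:]
        try:
            sender, command = body.decode().split("|", 1)
        except (UnicodeDecodeError, ValueError):
            return "REJECT malformed"
        key = KEYS.get(sender)
        if key is None:
            return "REJECT unknown-sender"
        expected = hmac.new(key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "REJECT bad-tag"
        seq = struct.unpack(">Q", header)[0]
        if seq <= self.last_seq[sender]:  # replay check needs no clock or round trip
            return "REJECT replay"
        self.last_seq[sender] = seq
        if command not in ALLOWED[sender]:
            return "REJECT not-authorized"
        return f"ACCEPT {command}"

if __name__ == "__main__":
    sc = Spacecraft()
    frame = sign_command("ops-1", 1, "SET_MODE", KEYS["ops-1"])
    print(sc.receive(frame), "/", sc.receive(frame))  # second delivery is a replay
```

The per-sender sequence counter replaces an interactive challenge-response, so a command uplinked over a long-delay link is still authenticated and replay-protected in a single pass.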
