Plug and Prey? Measuring the Commoditization of Cybercrime via Online Anonymous Markets

"Plug and Prey? Measuring the Commoditization of Cybercrime viaOnline Anonymous Markets", Rolf van Wegberg and alt., Proceedings of the 27th USENIX Security Symposium. August 15–17, 2018 • Baltimore, MD, USA, 19 pages. 

"Researchers have observed the increasing commoditization of cybercrime, that is, the offering of capabilities, services, and resources as commodities by specialized suppliers in the underground economy. Commoditization enables outsourcing, thus lowering entry barriers for aspiring criminals, and potentially driving further growth in cybercrime. While there is evidence in the literature of specific examples of cybercrime commoditization, the overall phenomenon is much less understood. Which parts of cybercrime value chains are successfully commoditized, and which are not? What kind of revenue do criminal business-to-business (B2B) services generate and how fast are they growing?..."

FY2019 - Federal cybersecurity R&D strategic plan implementation roadmap - USA

FY2019 - Federal cybersecurity R&D strategic plan implementation roadmap - Executive Office of the President of the United States. August 2018. 6 pages. 

This document "lists key Federal projects and programs that directly contribute to solving the cybersecurity challenges outlined in the 2016 Federal Cybersecurity R&D Strategic Plan. This document accompanies the NITRD Supplement to the President’s FY2019 Budget Request, available at https://www.nitrd.gov/pubs/FY2019-NITRD-Supplement.pdf."

Four defensive areas have been defined: Deter, Protect, Detect, Adapt. R&D programs are listed in alphabetical order by agency (page 2-4)

Kensho Cyber Security Index GTR

Kensho Cyber Security Index GTR - 23.08.2018. (index published by Solactive)

"Surface d'attaque" - article revue MISC août 2018

Article: "La surface d'attaque", Daniel Ventre, revue MISC n°98, juillet-août 2018, pp.78-82. 

DoD Annual Report - Military Power of China - 201

Publication of the new Annual Report to Congress - Department of Defense (USA) - "Military and Security Developmens Involving the People's Republic of China 2018". 145 pages. 

Où on apprend finalement peu de choses à propos de la cybersécurité/défense chinoise et du regard que portent sur elle l'armée américaine. Ce qui est dit là, l'a déjà été à maintes reprises par le passé: capacités défensives et offensives, organisation militaire, etc. 

Defense Information Systems Network (DISN)

Defense Information Systems Network (DISN), An Essential Weapon for the Nation’s Defense, Charles Osborn, 16 May 2018. 18 pages. 

De par sa forme, ce document nous rappelle que la génération Power Point n'a pas fini de sévir. Ni celle des adeptes de l'abréviation: DISN, FY, A-ISR, JFHQ, SIPR, JWICS, MiFi, SDN, JRSS, VNF, NFV, LSTDM...

Critique de la cybersécurité des sites publics du DoD

Courrier adressé par le sénateur américain Ron Wyden à Dana Deasy (Chief Information Officer. US DoD). 22 Mai 2018.  Critique le niveau de cybersécurité du DoD concernant ses sites publics, et demande la mise en oeuvre de meilleures pratiques en la matière.