1 / 16

Cybersecurity Bulletin: Patch Tuesday Updates & Security Events

Stay informed with the latest cybersecurity updates including Patch Tuesday releases and upcoming security conferences and events. Discover important security patches, bug fixes, and vulnerabilities addressed by leading tech companies. Keep your systems secure and attend top industry events.

carriemiddleton
Download Presentation

Cybersecurity Bulletin: Patch Tuesday Updates & Security Events

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Patch Tuesday • 3 Patches – x bugs addressed • Affecting Kernel, SChannel, DNS/WINS • Other updates, MSRT, Defender Definitions, Junk Mail Filter • 3 Security Patches - 1 Critical, 2 Important • MS09-006 – Kernel (GDI via EMF or WMF image) , Remote Execution • MS09-007 – SChannel, Allows Spoofing • “Customers are only affected when the public key component of the certificate used for authentication has been obtained by the attacker through other means.” • MS09-008 – DNS/WINS (WPAD and ISATAP registration), Allows Spoofing

  2. Holes / Patches • Apple 2009-001 • 55 fixes • Some reports of broken Perl • Mac OS X xnu nel memory disclosure • Telent FreeBSD 7.0 • Exploit on milw0rm • Yet another Adobe Reader bug • PoC on milw0rm • …and Flash Player • Gmail CSRF • BlackBerry Activex component • Opera / Winamp / Excel

  3. Hacking • MS ponies up 250K confiker bounty • Air Force claims tool can id “bad” torrents …mean while back at the ranch • Maxwell AFB cuts external connection • MS09-002 exploits seen in the wild • Sourcefire release home brew patched .dll • MS release autorun patch • Rumors of Windows 7 DRM badness • TrapCall service bypasses CallerID blocking • VMWare demos dual OS phone (simultaneous ops)

  4. Games Sega cuts jobs Quake Live Open beta feb 24

  5. Corp. Hell Metasploit to offer services Novell Launches Moonlight (silverlight for linux) Leak of Windows 7 Beta Palm drops PalmOS for WebOS FaceBook changes TOS and changes back Twitter is master of downtime Symantec takes down server after the SQL Injection that did not happen X-Box cuts gay subscriptions Linux Foundation buys linux.com Gmail Outage

  6. Papers "Security Assessment of the Transmission Control Protocol (TCP)“ UK - Centre for the Protection of National Infrastructure Fortify code review of NIST SHA-3 contestants MS Gazelle – secure web browser Summary of Metasploit DDoS

  7. Film / Music 6th season of Futurama Netflix to launch streaming only plan

  8. WTF • Wisconsin download tax • Solar power hits $1 a watt • Diebold logs are crap

  9. Legal • PirateBay in Court • All your RFID are belong to felons • Senate Bill 125 - felony for anyone to possess, read or capture the personally identifying RFID information of others without their consent • Internet Saftey Act of 2009

  10. Updates • Debian 5.0 • PcapParser • Ratproxy 1.5.4 • dragonflybsd 2.2 • D ported to Mac • Safari 4 • OSSEC 2.0 • Qt 4.5

  11. CON Events • BlackHat DC • Kaminsky / DNSSEC • Militarized cyberspace • New XSS • Fun with Facial Biometrics • SSL Strip • CanSecWest (5 days) • Pwn2Own – Laptop and Mobile devices • DefCon CFP

  12. SOURCE Boston, 11 - 13 Mar / Boston MA • http://www.sourceboston.com/ • CarolinaCon 4, 28 - 29 Mar / Chapel Hill NC • http://www.carolinacon.org/ • Notacon 5, 4 - 6 Apr / Cleveland OH • http://www.notacon.org/ • Hack In The Box, 20-23 Apr / Dubai • http://conference.hitb.org/hitbsecconf2009dubai/ • ToorCon Seattle, 18 – 20 Apr / Seattle • http://seattle.toorcon.org/2008/about.php • Trooper 08, 23 – 24 Apr / Munich • http://www.troopers08.org/content/ • Interop, 27 Apr - 2 May / Las Vegas NV • http://www.interop.com/lasvegas/ • Layerone, 17 – 18 May / Pasadena CA • http://layerone.info • DallasCon 2008, TBD / Dallas , TX • http://www.dallascon.com • MS BlueHat Spring 2008, May 2 2008 / Redmond WA • http://www.microsoft.com/technet/security/bluehat/

  13. All images scavenged without permission All images scavenged without permission

More Related