70 likes | 193 Views
PREVIOUS GNEWS. Patch Tuesday. 11 Patches – 5 Critical – 24+ CVEs Affected – Exchange, SharePoint, IE, and more MS13-096 - Microsoft Graphics Component, Remote Code MS13-097- Cumulative Security Update for IE MS13-098 – Windows, Remote Code
E N D
Patch Tuesday • 11 Patches – 5 Critical – 24+ CVEs • Affected – Exchange, SharePoint, IE, and more • MS13-096 - Microsoft Graphics Component, Remote Code • MS13-097- Cumulative Security Update for IE • MS13-098 – Windows, Remote Code • MS13-099 - Microsoft Scripting Runtime Object Library, Remote Code • MS13-100 – SharePoint, Remote Code, Remote Code • MS13-101- Windows Kernel-Mode Drivers. Priv escalation • MS13-102- LRPC Client , priv escalation • MS13-103- ASP.NET SignalR , priv escalation • MS13-104 - Microsoft Office, info disclosure • MS13-105- Exchange Server, Remote Code • MS13-106 - Microsoft Office Shared Component • Other updates, MSRT, Defender Definitions, Junk Mail Filter
Holes / Patches • Oracle, • Due in Jan 2014 • Adobe • APSB13-28 – Flash Player • APSB13-29 – Shockwave • Apple, • iOS v 7.0.4 • Cisco • ASA, Multiple Vulns • Cloud Portal, file download vuln • Wireless Lan, Multiple Vulns • IOS, Multiple Vulns
Random • MS releases password tool • Blackhole Exploit Kit author in custody • Darpa Code Review as Games • Internet Blackhole • MS / Europol Trojan.ZeroAccess takedown • Verizon to buy Vodafone
Papers http://resrc.io/list/10/list-of-free-programming-books/
Tools • Bothunter 1.7 http://www.bothunter.net/ • CTF http://blog.ctf365.com/ • OSWASP Mantra https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework • Visualiztion http://binwalk.org/3d-data-visualizations/ • Pen Test Tools http://resources.infosecinstitute.com/top-links-tools-compilation-pentesting-forensics-security-hacking • Vuln VPN http://resources.infosecinstitute.com/vulnvpn\
All images scavenged without permission All images scavenged without permission