1 / 16

GNEWS PREVIOUS

GNEWS PREVIOUS. Patch Tuesday. Apr - 11 Patches – 4 Critical - 26 CVEs MS15-032 - Cumulative Security Update for IE MS15-033 - Office, Remote Code MS15-034 - HTTP.sys, Remote Code MS15-035 - Graphics Component, Remote Code

eharvey
Download Presentation

GNEWS PREVIOUS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. GNEWS PREVIOUS

  2. Patch Tuesday • Apr - 11 Patches – 4 Critical - 26 CVEs • MS15-032 - Cumulative Security Update for IE • MS15-033 - Office, Remote Code • MS15-034 - HTTP.sys, Remote Code • MS15-035 - Graphics Component, Remote Code • MS15-036 -SharePoint Server, Privilege Esclation • MS15-037 -Windows Task Scheduler, Privilege Escalation • MS15-038 -Windows, Privilege Escaltion • MS15-039 -XML Core Services, Security Bypass • MS15-040 -Active Directory Federation Services, Info Disclosure • MS15-041 -.NET Framework, Info Disclosure • MS15-042 -Hyper-V, DoS • Other updates, MSRT, Defender Definitions, Junk Mail Filter

  3. Patch Tuesday • May - 13 Patches – 3 Critical - 48 CVEs • MS15-043 - • MS15-044 - • MS15-045 - • MS15-046 - • MS15-047 - • MS15-048 - • MS15-049 - • MS15-050 - • MS15-051 - • MS15-052 - • MS15-053 - • MS15-054 - • MS15-055 - • Other updates, MSRT, Defender Definitions, Junk Mail Filter Cumulative Security Update for IE Font Drivers, Remote Code Journal, Remote Code Office, Remote Code SharePoint Server, Remote Code .NET Framework, Privilege Escalation Silverlight, Privilege Escalation Service Control Manager, Privilege Escalation Kernel-Mode Drivers, Privilege Escalation Kernel, Security Bypass JScript and VBScript Scripting Engines, Security Bypass Management Console File Format, DoS Schannel, Info Disclosure

  4. oohh Microsoft ?! • Windows “Re-Direct To SMB” issue affects all versions • Patched Tuesday redux 30+ optionals out-of-band • Windows 10 to kill and bury patch tuesday (for non-pro/business versions) • "will also be regularly delivering ongoing Windows innovation in addition to security updates." • Limited 2 month bounty on spartanbrowser, ends 22 June

  5. Holes / Patches • Cisco • Web Security Appliance, Python Parsing issue, Remote Code • FireSIGHT, XSS • NTP, DOS • VMWare • none • Lenovo • System Update, Remote Code • Patched via System Update :) • Oracle • 14 Apr / 98 fixes • Adobe • APSB15-06 Flash Player (13 CVE) • APSB15-09 Flash Player (18 CVE) • APSB15-10 Adobe Reader (7 CVE) • Apple, • Safari 8.06 / 7.1.6 / 6.2.6 (5 CVE) • OSX Server 4.1 (4 CVE) • Xcode 6.3 (1 CVE) • Apple TV 7.2 (gen3+) (39 CVE) • iOS 8.3 (58 CVE) • Security Update 2015-004 (77 CVE)

  6. More Rotten Apples • Apple API to root • RootPipe not really fixed? • Apple Darwin Nuke • “No iOS Zone” Reboot Loop • browser on apple watch • mac keeper? upgrade to 3.4.1 now • apple beats reportedly seeking exclusive contracts • apple bans time apps on watch • Apple HealthKit follow-up • "Apple has put too much onus on developers to provide the right level of security.“ • 1st 24hrs, 11K signup for 1 Standford study • Mac Tweaks for Speed

  7. Hacking • Hospira LifeCare drug pump flaw • 35 sat antena • GoT episodes leak • Clock speeds are lies • Kiosk Break-outs • https://www.trustedsec.com/april-2015/kioskpos-breakout-keys-in-windows/ • wifi via LED, Wi-FO • HSBC mortgage breach • Match.com non-https logon • Genome editing is here • projector fun (InFocus IN3128HD auth bypass) • ebay xss • MySQL SSL strip • Google pass alert • outta my sandbox kid (single core detection) • don't audit me brah (rombertik malware)

  8. Trustwave to be bought by Singtel • Raytheon buys Websense • Ebay / PayPal split • TOR Cloud calls it quits • Intercept Secure Drop Hidden Service • AlienVault Open Threat Exchange 2.0 • product liability protection • DropBox Bounty Program • Return of WikiLeaks submission site - wlupld3ptjvsgwqw.onion • grooveshark.io • better bitcoin? (federated Byzantine agreement) • Surveillance state repeal act • sendgrid breach • HardRock payment breach • Sally popped again • FB video redirect vuln Corp

  9. Govt • McConnell and Burr hope to reauthorize sec.215 • Medicare to remove SSN from card • no-fly reasons now available • congressional hearing on crypto • you gps'ed my skimmer • FBI 3mil "bug" bounty for russian • Innovation Act back on the table, Introduction of PATENT Act • 11th circuit overturns privacy ruling • VA man sues for reader data / LA says we don't have to tell you nee-ner-nee-ner • NSA phone data illegal

  10. PCI Card Production Standard update 1.1 PCI 3.1 update Verizon DBIR Symantec ISTR Payment Jury http://www.slideshare.net/PaymentsInnovationJuryReport/payments-innovation-reportwebfinal-updated200415#14302263978911&fbinitialized Attaking Smart Homes with Software Defined Radio https://www.sans.org/reading-room/whitepapers/threats/software-defined-radio-attack-smart-home-systems-35922 nmap "cheat sheet" http://resources.infosecinstitute.com/nmap-cheat-sheet-5-the-final-view-of-a-ninja-pentester/ Open Smart Grid - Weak Crypto https://eprint.iacr.org/2015/428 https://threatpost.com/weak-homegrown-crypto-dooms-open-smart-grid-protocol/112680 NFTables https://www.sans.org/reading-room/whitepapers/firewalls/nftables-second-language-35937 Papers

  11. hack all the planes Dear Boeing "have you tried turning it off and on again?" https://s3.amazonaws.com/public-inspection.federalregister.gov/2015-10066.pdf RAGE QUIT 3d snowden dirty apple / Bad robot WTF!?

  12. http://explainshell.com/ Interactive shellcode parser Great Cannon Traffic Injection used against github Project Maelstrom public beta bit torrent p2p browser tor browser update, 4.5 TeslaCrypt cracker Emet Wdigest dumping meterpreter / mimikatzk in win 8.1 the dude network mgt USBKill rapid shutdown netflix fido IR Toolkit Splunk app for MHN MS LAPS Local Admin Vault ISWatch Intel resumes chip $9 PC Tools

  13. Cons Past RSA InfoSec Southwest 10 – 12 Apr B-Sides Nashville 11 Apr InnoTech Dallas 16 Apr B-Sides OK 18 Apr B-Sides San Antonio 2 May

  14. Cons Future Google Grants for women at HITB Amsterdam (May) BH/DC teaser, Miller / Valasek to hack car wireless • ThotCon 0x6 14 – 15 May • PenTest Austin (SANS) 18 – 23 May • DefCon 23 6 – 9 Aug • B-Sides DFW TBD

  15. DHA ( 1st Wednesday / Tavern on Main, richardson) TX2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) (1st Fri / 1418 Coffeehouse, plano) The Lab.MS ( 2nd Monday / varies, plano) Crypto Party ( 3rd Thursday / Improving Enterprises, addison) NAISG ( 4th Thursday / CrossPointe Theatre, carrollton ) LockPick DFW ( Last Monday / looking for new spot, dallas ) Dallas MakerSpace Random / carrollton Local

  16. All images scavenged without permission All images scavenged without permission

More Related