Stay informed about the latest vulnerabilities and patches released in July, including critical updates for Microsoft Windows, Apple iCloud, Mozilla Firefox, and more. Learn how to protect your systems and stay secure.
Previous Gnews
• Do Not Poke It If It Is Not Yours
• Do Not Brag About Questionable Activity
• Do Not Hack The Venue
• Not Legal Advice
• Everything Is Theoretical
• Use At Your Own Risk
• Not Responsible For Damages
• Mileage May Vary
• Trust No One
• Verify Everything
• Do Your Own Research
• Create Your Own Opinion
• Communicate
• Share
• Learn
• Enjoy
Patch Tuesday
• July – 78 CVE / 67 KB Articles
• Reports of 15 Critical, 2 actively exploited (CVE-2019-0880, CVE-2019-1132)
• Microsoft Windows
• Internet Explorer
• Microsoft Edge
• Microsoft Office and Microsoft Office Services and Web Apps
• Azure DevOps
• Open Source Software
• .NET Framework
• Azure
• SQL Server
• ASP.NET
• Visual Studio
• Microsoft Exchange Server
Holes / Patches
• VMware
  • VMSA-2019-0010 ( 2 CVE ) Lots of VM Titles, SACK panic
  • VMSA-2019-0011 ( 1 CVE ) ESXi, dos in hostd
• Apple
  • iCloud (win) 10.4 ( 25 CVE )
  • Airport Base Station 7.8.1 ( 8 CVE )
• Mozilla
  • Firefox 67.0.3, ce ( 1 CVE )
• Microsoft
  • RDP (BlueKeep)
  • RDP Lock Screen Bypass (feature)
  • Win 10 0-day (LPE)
  • Win 10 1903 Managed Update issues (SCCM update)
• Oracle
  • Due 16 Jul 2019
• Adobe (skips 31-36, next month fun?)
  • APSB19-37 Bridge CC, id ( 1 CVE )
  • APSB19-38 Experience Manager, id ( 3 CVE )
  • APSB19-40 Dreamweaver, pe ( 1 CVE )
• Cisco
  • DNA Center, ab ( 1 CVE )
  • Data Center Network Manager, ab ( 2 CVE )
  • SD WAN, pe ( 1 CVE )
• Linux
  • SACK panic, dos ( 3 CVE )
• Juniper
  • Y'all are good
Holes / Patches
• MS Android Outlook
• Oracle WebLogic
• Mac Gatekeeper bypass
• EA Games Origin Platform account takeover
• IBM Spectrum Protect
• Medtronic 508 / Paradigm insulin pumps
• BD Infusion pumps
• Evernote Chrome extension
• Intel NUC firmware
• WAGO industrial switches
Nefarious?!
• DICOM preamble to hide malware
• HackerOne top 10
• OpenPGP/GnuPG key signing attack
• GPS spoofing Tesla
• PoC for Outlook vuln CVE-2019-1105
• Researchers kinda fix HIV in mice
Corp I (buy/sell)
• Eldorado buys Caesar's
• Elliott Advisors Limited buys Barnes & Noble
• Dun & Bradstreet buys Lattice Engines (data platform)
• QuEST Global buys Dakota Moon (supply chain)
• Exabeam buys SkyFormation (cloud app security)
• CloudBees buys Rollout (devops)
• Keyfactor buys Redtrust (identity management)
• Saudi Aramco revitalizes IPO project
• Broadcom bids on Symantec
Corp II (the good…)
• Axon pulls facial recognition from its body cameras
• Sysmon v10 now with DNS logging
• PCI new validation program for software vendors
• Rapid7 InsightIDR and CyberArk integration
• HEB opens new tech hub in Austin
• Securitas partners with Purdue University to create 4 security programs
• Modis partners with WITI and PLTW
• FB app 'Study' pays you for sharing data
• Huawei dumps laptops
• FB puts the brakes on Graph
• Philips dumps Hue Hub
• Slack, data history
Corp III (the bad…)
• Evite popped
• Australian National University popped
• ASCO stops production due to ransomware
• Toyota employee benefits popped
• UT Health Science Center Houston popped
• Total Diagnostix II popped
• Canonical GitHub popped
• Attunity bad S3 (Netflix, TD Bank, Ford and more)
• Orvibo bad Elastic
Govt
• EFF ACLU push for unsealing of FB Messenger/DOJ decryption files
• Protecting Data at the Border Act
• CA to audit use of LP Reader data
• Somerville MA bans govt face surveillance
• FDA EPA 3M PFAS exposure
• Hackback redux Rep. Graves (R-GA), Active Cyber Defense Bill
• FAA grants waiver for drone use over people
• Maryland updates breach law
• Texas updates breach law (now 60 days)
• New Hampshire installs historical marker at Dartmouth for BASIC
• US cyber attacks on Iran
• Illinois to limit use of AI in interviews
• Oregon passes IoT law
Otherside
• MI5 data storage in "ungoverned space"
• Metropolitan police to use Azure
• CERN to drop MS where possible
• Japan bans drunk droning
• Potential buyers of the F35 don't like the data being phoned home
• Canada new drone regs
• Singapore launches 3rd bug bounty
Papers
• Running CAs in AWS https://aws.amazon.com/blogs/security/how-to-host-and-manage-an-entire-private-certificate-infrastructure-in-aws/
• OPSEC https://publicintelligence.net/jcs-operations-security/
• NIST Managing IOT Risk https://www.us-cert.gov/ncas/current-activity/2019/06/26/nist-releases-report-managing-iot-risks
• Exabeam 2019 State of the SOC Report https://www.exabeam.com/security-operations-center/key-findings-of-the-exabeam-2019-state-of-the-soc-report/
• EFF "Gotta Catch 'Em All: Understanding How IMSI-Catchers Exploit Cell Networks" https://www.eff.org/wp/gotta-catch-em-all-understanding-how-imsi-catchers-exploit-cell-networks
WTF
• Hydrogen, what could possibly go wrong
• TurboGrafx-16 Mini
• Indian moon mission
• Oldest stoners found in China
• Surgically implanted RAM
• Throw Molotov cocktail, drop USB, go to jail
• The Curious Case of the Missing YouTube Hacking Videos
Tools
• indurative (crypto library) https://blog.trailofbits.com/2019/06/17/leaves-of-hash/
• Pi 4 https://www.raspberrypi.org/blog/raspberry-pi-4-on-sale-now-from-35/
• Raspbian 2019-6-24 https://www.raspbian.org/
• G dorks for 2019 https://gbhackers.com/latest-google-dorks-list/
• Thinkspot https://www.ts.today/
• PyLocky decryptor https://www.cybermalveillance.gouv.fr/wp-content/uploads/2019/02/PyLocky_Decryptor_V1_V2.zip
• GandCrab decryptor https://labs.bitdefender.com/wp-content/uploads/downloads/gandcrab-removal-tool-v1-v4-v5/
• Breach Clarity https://www.breachclarity.com/
Future Cons
• BSidesLV 6-7 Aug – Las Vegas
• DefCon 8-11 Aug – Las Vegas
• DerbyCon 6-8 Sep – Louisville
• BSides Houston 7 Sep – Houston
• RH-ISAC 24-25 Sep – Denver
• ISSA in Dallas 1-2 Oct CFP - https://app.jiffyevents.com/s/f1kd1d161b8
• GrrCon 24-25 Oct – Grand Rapids
• BSidesDFW Nov
• CISO recommendations https://www.csoonline.com/article/3155500/the-cso-guide-to-top-security-conferences.html#tk.rss_all
Where
• ISSA Fort Worth @ISSAFortWorth ( 2nd Tuesday / location varies )
• Hack Ft Worth @Hack_FtW ( 3rd Tuesday / Barrel & Bones, Fort Worth )
• WOSEC Dallas @WoSECtweets ( Varies / Saturday 10ish )
• DHA @Dallas_Hackers ( 1st Wednesday / Family Karaoke, Dallas )
• TX2600 @dallas2600 ( 1st Fri / Wild Turkey 35&WalnutHill, Dallas )
• The Lab.MS @TheLab_ms ( 2nd Saturday + random events / TheLab.ms, Plano )
• OWASP Dallas @OWASPDallas ( 3rd Tuesday / location varies )
• Pwn School Project ( 3rd Wed / Dallas | 4th Mon Denton )
• Crypto Party DFW @CryptoPartyDFW ( 3rd Thursday / TheLab.ms, Plano )
• North Texas ISSA @ntxissa ( 3rd Thursday / Maggiano’s, Plano )
• North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco )
• Dallas MakerSpace @dallasmakers ( Random events / Carrollton )
• 0-day All Day @0Dayallday ( Quarterly / GeniusDen, Dallas )
All images scavenged without permission