140 likes | 248 Views
PREVIOUS GNEWS. 7 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions, Junk Mail Filter. 8 Security Patches - 5 Critical, 1 Moderate MS08-030 – Bluetooth Stack - Remote Code Execution
E N D
7 Patches – x bugs addressed • Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows • Other updates, MSRT, Defender Definitions, Junk Mail Filter • 8 Security Patches - 5 Critical, 1 Moderate • MS08-030 – Bluetooth Stack - Remote Code Execution • MS08-031 – IE Cumulative Security Update • MS08-032 – ActiveX Kill Bits Cumulative Security Update • MS08-033 – DirectX - Remote Code Execution • MS08-034 – WINS - Elevation of Privilege • MS08-035 – Active Directory - Denial of Service • MS08-036 –Pragmatic General Multicast (PGM) - Denial of Service • re-released MS06-078 and MS07-068 with a detection only change
Holes / Patches • Apple 2008-003 • Apple QuickTime 7.5 • Apple Safari on Windows • Apple iCal • Apple iPhone 2 • snort ip fragment reassembly / ttl evasion • openssl tls vulns, server_name set to 0x00 in handshake • Samba, boundary error in "receive_smb_raw()" • Adobe Flash 9 0-day • OpenOffice, integer overflow in "rtl_allocateMemory()" • Sun Java Active Server Pages, Multiple Vulns
Hacking • Sample Code in RFC 3414 (snmp) contains overflow • rustock.c, russian rootkit, undetected record of 1.5 years • Cisco Router Rootkit? Sebastian Muniz - EuSecWest • New JavaScript engine, Squirrelfish • OSWA – Organizational Wireless System Auditor, Live CD
Corp. Hell L-1 Identity Solutions Inc. to produce RFID Passport Card Todd Davis gets sued Comcast invests in GridNetworks (a P2P start-up) Comcast web and email hacked, Defiant and EBK Dave & Busters, Packet sniifers on PoS terminals Barracuda offers buyout of SourceFire, SF rejects Nvidia enters mobile processor market Tumbleweed bought by Sopra Group (french) Canada charges Facebook with privacy infringement Explosion at ‘The Planet’ houston data center
Papers • Apple Security Guide for OS X 1.5 Leopard • NIST IT Security Configuration Scoring (call for input)
Film / Music • NBC turns on “Broadcast Flag” • Staples to sell $5 flexplay divx DVDs
WTF • UK calls for a total phone usage database • Launch of Google Health • California man makes $50k opening accounts, arrested • TSA ID rule change, refuse id check, get banned
MySpace suicide case, poses rocky precedence Anti-Counterfeiting Trade Agreement, ACTA Pirate-bay Killer? GPLv3 gets more legal attention Proprietary software / patents Legal
Updates • Ulteo Virtual Desktop, Linux virtualization on Windows • blender 2.46, 3d animation • rtpBreak 1.3a, rtp sniffer • xprobe 2 • WebKnight, mod_security for IIS • Nessus 3.2.1, does not work with freebsd 6 • technet opened to community contributions • Snort 2.8.2 • maltego videos • openssl 0.9.8h • kismet 2008-05-R1 • opera 9.5 promises built-in malware protection • Axban, ActiveX Killbit tool
CON Events Completed Cons Layerone, 17 – 18 May / Pasadena CA DallasCon 2008, TBD / Dallas , TX AusCERT 2008, 18 - 23 May / Gold Coast AU EuSecWest, 28 May – London UK
CON Results EuSecWest – Hardware Flashing EuSecWest – Cisco RootKit BlackHat Preview and Webcast
CON Events • Future Cons • HOPE 7, 18 - 20 July / New York NY • USENIX 17th Security Symposium, 28 July - 1 Aug / San Jose CA • REcon 2008, 13 – 15 June / Montreal CA • Black Hat USA, 2 - 7 Aug / Las Vegas NV • DefCon, 8 - 10 August / Las Vegas NV • Chaos Communications Camp, TBD / Berlin
All images scavenged without permission All images scavenged without permission