130 likes | 138 Views
Stay updated on the latest security patches and vulnerabilities from Patch Tuesday in September 2017. Includes Windows, Adobe, Android, Apple, and more.
E N D
Patch Tuesday • Sep 2017 – 79 vulnerabilities with 256 unique downloads • Windows 10 and Windows Server 2016 (including Microsoft Edge) / Remote Code • Windows 8.1 and Windows Server 2012 R2 / Remote Code • Windows Server 2012 / Remote Code • Windows RT 8.1 / Remote Code • Windows 7 and Windows Server 2008 R2 / Remote Code • Windows Server 2008 / Remote Code • Microsoft Office-related software / Remote Code • Internet Explorer / Remote Code • Microsoft SharePoint Server, SharePoint Enterprise Server, and SharePoint Foundation / Remote Code • Skype for Business, Microsoft Lync, and Microsoft Live Meeting / Remote Code • Microsoft Exchange Server / Info Disclosure • .NET Framework / Remote Code • Adobe Flash Player / Remote Code • .Net bug • Kernel bug
Holes / Patches • VMWare • VMSA-2017-0014 ( 1 CVE) NSX-V Edge OSPF DoS • Apple • iTunes 12.7 ( ? CVE) • Enclave Firmware Decryption • Juniper • Routers / Switches • Libgd, heap overflow via compressed gd2 data. • AT&T U-verse (Arris Modems) • Multiple Vulns, SSH creds • ARM Chip Sets • Multiple Vulns, BootStomp • Nvidia (Nexus 9), • Oracle • Due 17 Oct 2017 • Adobe • APSB17-25 RoboHelp ( 2 CVE) • APSB17-28 Flash Player ( 2 CVE) • APSB17-30 ColdFusion ( 4 CVE) • Android • 2017-09-01 ( ? CVE) • 2017-09-05 ( ? CVE) • Aerohive • Hive Manager, Privilege Escalation • Siri / Alexa • Dolphin attack
Hacking • Weaponized DNA • 4K apps that record audio and log • row hammer for NAND • Secret chips in repair parts • Ropemaker, Email manipulation vis CSS • 4d quantum encryption tested • S3 buckets host malware • PoC Code for iOS vuln (patched in May) • IME killswitch • wireX takedown • Traffic shaping to "secure" iot data
PayPal acquires Swift • Walmart Scan&Go • Verizon location data • cloudflare daily stormer • Docker for Main Frames • LG, Late WannaCry infection • Philips DoseWise hardcoded Creds • Miami Heat launches mobile only tickets • Uber settles • FB pays out 100K to sec researcher • DJI bug bounty (drones) Corp
PayPal launches CC • bitcoin.com stops european support • Sun is dead • Mil Contractor S3 bucket • TWC S3 • Zombie Cookie, Sue Verizon • equifax breach • Google to distrust "old" Symantec certs Corp
Vancouver dispensary DB leak • TX Drmedicad fraud • Linkedin doesn't like scraping • CIA torture settlement • Delaware Data Breach Law revised • PA bill to invoice activists if arrested • DC judge allows search of activist website • MalwareTechBlog case exempted from "Speedy Trail Act" • Shotspotter goes to the whitehouse/ dumped by SATX • Russia data privacy law revised • First FDA security recall • Govt site hosting malware • SESTA Govt
Nice SOC summary https://www.linkedin.com/pulse/soc-architecture-how-build-run-security-operations-center-harris powershell for vulnerability verification https://www.sans.org/reading-room/whitepapers/leadership/complement-vulnerability-management-program-powershell-37900 NSS Labs Evasion testing https://www.nsslabs.com/index.cfm/blog/analyst-insights/ngfwv7-http-evasion-test-cases-revealed EFF tips for students https://www.eff.org/deeplinks/2017/08/student-privacy-tips-students NIAC Critical Infrastructure Report https://www.dhs.gov/sites/default/files/publications/niac-cyber-study-draft-report-08-15-17-508.pdf https://securityintelligence.com/news/niac-cybersecurity-report-regarding-critical-infrastructure-issued/ FDA Guidance https://www.federalregister.gov/documents/2017/09/06/2017-18815/design-considerations-and-premarket-submission-recommendations-for-interoperable-medical-devices Papers
Thia activist jailed for posting to FB Crotch Charms “SIM swap” -- why is this a thing in the media BK BitCoin FCC redefine broadband Killer sex robots PI Earrings WTF
babadook powershell backdoor UACMe UAC evasion (as root) Apple password cracker SEMU Malware analysis tool FireEye Flare-On Challange reverse engineering competition FIR - IR ticketing GitMiner Tools
Future Cons DerbyCon, Louisville 20-24 Sep Rock Stars of Cybersecurity Technologies, Denver 26 Sep CactusCon, Phoenix 29-30 Sep Root 66, OKC 5 oct Hacker Halted, Atlanta 5-10 Oct Secure World Dallas 18-19 Oct LASCON 2017, Austin 24-27 Oct BSidesDFW, Plano 4 Nov NTXISSACSC5, Plano 10 Nov
DHA @Dallas_Hackers ( 1st Wednesday / Family Karaoke, Dallas ) TX2600 @dallas2600 ( 1st Fri / Wild Turkey 35&WalnutHill, Dallas ) The Lab.MS @TheLab_ms ( 2ndSaturday + random events / TheLab.ms, Plano ) ISSA Fort Worth @ISSAFortWorth ( 2nd Tuesday / location varies ) Hack Ft Worth @Hack_FtW ( 3rd-ish Tuesday / Buffalo West, Fort Worth) OWASP Dallas @OWASPDallas ( 3rdTuesday / location varies ) Crypto Party DFW @CryptoPartyDFW ( 3rd Thursday / TheLab.ms, Plano ) North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco ) Dallas MakerSpace @dallasmakers ( Random events / Carrollton ) Where
All images scavenged without permission All images scavenged without permission