110 likes | 199 Views
PREVIOUS GNEWS. Patch Tuesday. July - 6 Patches – 2 Critical - 27 CVEs MS14-037 - Cumulative Security Update for IE, Remote Code MS14-038 – Windows Journal, Remote Code MS14-039 – On-Screen Keyboard, Privilege Escalation
E N D
Patch Tuesday • July - 6 Patches – 2 Critical - 27 CVEs • MS14-037- Cumulative Security Update for IE, Remote Code • MS14-038 –Windows Journal, Remote Code • MS14-039 –On-Screen Keyboard, Privilege Escalation • MS14-040 –Ancillary Function Driver (AFD), Privilege Escalation • MS14-041 –Direct Show, Privilege Escalation • MS14-042 –Microsoft Service Bus, DoS • Other updates, MSRT, Defender Definitions, Junk Mail Filter
Holes / Patches • Rosetta Flash • APSB14-17 • Cisco VOIP hijack with default SSH key • CVE-2014-2198 • Oracle • Due 15th July • Adobe • APSB14-16 Adobe Flash Player • APSB14-17 Adobe Flash Player • Apple, • OS X 10.9.4 • iOS 7.1.2 • Apple TV 6.2 • Safari 6.1.5 / 7.0.5 • Cisco • SPA300 and SPA500 IP Phones • IOS IPSecDoS • Intelligent Automation for Cloud • Unified Communications / Webex
Hacking • MS bugs Security Essentials / Forefront - win32k.sys • CVE-2014-2779 • bitcoin decentralization • Fun with Nest • Android Keystore • MHN – Modern Honey Network • Mini-er, stealthier, skimmier. Even smaller ATM skimmers found in EU • LIFX smart light bulb exposes wifi passwords (pre-shared key) • Lite Zeus (128bit AES) • Malware targeting energy companies
Papers Scada honeypot https://www.sans.org/reading-room/whitepapers/detection/designing-implementing-honeypot-scada-network-35252 WireShark http://news.hitb.org/content/malware-targeting-energy-companies-usa-and-europe IR in MS SQL http://news.hitb.org/content/malware-targeting-energy-companies-usa-and-europe
Govt • TSA non-bootable device rule
Corp • Malwarebyteslaunches Anti-Exploit • cloudflarebuys cryptoseal • MS Interflow (information exchange)
Tools CoreOS
Cons • Hope X - Jul • Defcon – Aug • B-Sides Memphis – Sep 13 Multiple DC214 speakers • ToorCon – Oct • B-Sides Houston - Oct • B-Sides DFW – Nov
Local DHA ( 1st Wednesday / Allen Wicker Pub, plano) TX2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) (1st Fri / 1418 Coffeehouse, plano) The Lab.MS ( 2nd Monday / Allen Wicker Pub, plano) Crypto Party ( 3rd Thursday / Improving Enterprises, addison) NAISG ( 4th Thursday / CrossPointe Theatre, carrollton ) LockPick DFW ( Last Monday / Trinity Hall, dallas ) Dallas MakerSpace Random / carrollton
All images scavenged without permission All images scavenged without permission