GNEWS PREVIOUSLY
Patch Tuesday
• Feb – 13 Patches – 6 Critical – 36-ish CVEs
• MS16-009 - Cumulative Security Update for IE, Remote Code
• MS16-011 - Cumulative Security Update for Edge, Remote Code
• MS16-012 - Microsoft Windows PDF Library, Remote Code
• MS16-013 - Windows Journal, Remote Code
• MS16-014 - Microsoft Windows, Remote Code
• MS16-015 - Microsoft Office, Remote Code
• MS16-016 - WebDAV, Privilege Escalation
• MS16-017 - Remote Desktop Display Driver, Privilege Escalation
• MS16-018 - Windows Kernel-Mode Driver, Privilege Escalation
• MS16-019 - .NET Framework, DoS
• MS16-020 - Active Directory Federation Services, DoS
• MS16-021 - NPS Radius Server, DoS
• MS16-022 - Adobe Flash Player

Holes / Patches
• Adobe – 248 fixes
• Adobe
  – APSB16-03 Photoshop CC and Bridge CC (3 CVE)
  – APSB16-04 Flash Player (22 CVE)
  – APSB16-05 Experience Manager (4 CVE)
  – APSB16-07 Connect (3 CVE)
• Apple
  – iOS 9.2.1 (13 CVE)
  – Security Update 2016-001 (9 CVE)
  – Safari 9.0.3 (6 CVE)
  – tvOS 9.1.1 (8 CVE)
• VMware
  – VMSA-2015-0009 (1 CVE)
    • deserialization
  – VMSA-2016-0001 (1 CVE)
    • guest privilege escalation
• Cisco, Aironet hardcoded passwd
• OpenSSH, private key leak
• OpenSSL, X9.42 parameters
• linux kernel bug, keyrings reference leak (+PoC code)

Hacking
• LastPass Phishing Campaign
• powershell morse code
• AC unit = blackout generator
  – unencrypted RF cut off “valve”

Corp
• Cryptsy Bitcoin Exchange robbed 13K bitcoin (5 mil)
• Yahoo pays 10K for XSS bug
• Norse falls off the map
• Lenovo really 'shareit' with '12345678'
• Java browser plugin death
• Wendy's breached
• Chase cardless ATMs
• HD Moore leaves R7
• Intel Authenticate in vPro Chips
• FireEye buys iSight Partners
• St. Louis Centene loses unencrypted drives
• Xerox to split
• VirusTotal adds firmware scanning
• IEEE anti-malware support service

Govt
• FOIA Reform Bill
• FDA Security Guidance
• Notice and Stay Down
  – US copyright safe harbor provision (section 512)
• TX License Plate Readers
• Canada limits data sharing
• DOJ Job applicants posted to twitter
• Federal CISO

Papers
• DarkNet Intro
  http://hubpages.com/technology/A-Beginners-Guide-to-Exploring-the-Darknet
• Powershell Windump
  https://www.sans.org/reading-room/whitepapers/incident/leverage-powershell-create-user-friendlyversion-windump-36642
• AWS guidance
  https://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf
• Hacking the patent system 2016
  https://www.eff.org/document/hacking-patent-system-2016
• Draft Redhat Stig
  http://iase.disa.mil/stigs/os/unix-linux/Pages/index.aspx
• Draft Application Sec STIG
  http://iase.disa.mil/stigs/app-security/Pages/app-security.aspx

WTF !!!
• Imperva says you need state sponsorship to run a tor exit node
• torflow.uncharted.software
• rm -rf / all the UEFI

Tools
• metabrik http://www.metabrik.org/ automate malware analysis
• SpiderMal passive DNS analysis with python passivetotal and maltego
• zcash untraceable bitcoin alternative
• SET 7.0

Cons
• CanSecWest – Vancouver 16-18 Mar
• B-Sides Austin - 31-1 Mar-Apr
• InfoSec Southwest – Austin 8-10 Apr
• B-Sides OK – 09 Apr
• B-Sides Nashville – 16 Apr
• ThotCon 0x7 – Chicago 5-6 May
• B-Sides San Antonio 21 May
• Circle City Con – Indianapolis 10-12 Jun
• SANS DFIR Summit – Austin 23-30 Jun

DefCon Groups
• DC214 in top 5 for 2015
• 2016 Contest --> what can you do to make a positive impact on the community

With the relaunch of DEF CON Groups we wanted to start a new kind of initiative, but in a recognizable format: we want to bring in the new year with a competition. This is the first competition of its kind. It’s not a black badge competition but it will take a lot of work and determination to succeed - and the rewards are equally sweet. This is a year-long competition for all DEF CON groups, and we expect quality.

Here’s the challenge: what can you do to make a positive impact on the community, be it globally, locally, or hacker-globally. What can your DCG do to improve… anything? We’re trying to make something better, not just point out what is broken without providing a solution.

To be entered into the competition, submit a link to a 3-minute (at least!) YouTube video from your DCG as a whole describing what you’re planning on accomplishing over the year. Don’t just generally describe what you want to do - describe your time schedule, who has

• DHA (1st Wednesday / Family Karaoke, dallas)
• TX 2600 (1st Fri / Wild Turkey 35&WalnutHill, dallas)
• The Lab.MS (2nd Monday + random events / TheLab.ms, plano)
• OWASP Dallas (3rd Tuesday / location varies)
• Crypto Party (3rd Thursday / Improving Enterprises, addison)
• NAISG replacement is coming (4th Thursday, Jakes, Frisco)
• Dallas MakerSpace (Random events / carrollton)

All images scavenged without permission