PREVIOUS GNEWS Patch Tuesday 3 Patches 4 Critical

PREVIOUS GNEWS

Patch Tuesday • • 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, Share. Point, Office, and more • • • • MS 13 -067 - Microsoft Share. Point Server, Remote Code MS 13 -068 - Microsoft Outlook, Remote Code MS 13 -069 - Cumulative Security Update for IE, Remote Code MS 13 -070 - OLE, Remote Code MS 13 -071 - Windows Theme File, Remote Code MS 13 -072 - Microsoft Office, Remote Code MS 13 -073 - Microsoft Excel, Remote Code MS 13 -074 - Microsoft Access, Remote Code MS 13 -075 - Microsoft Office IME (Chinese), Privilege Escalation MS 13 -076 – Kernel Mode Driver, Privilege Escalation MS 13 -077 - Windows Service Control Manager, Privilege Escalation MS 13 -078 - Front. Page, Information Disclosure MS 13 -079 - Active Directory, Do. S

Holes / Patches • Oracle, due out Oct 15 th • Adobe – APSB 13 -21 – Adobe Flash Player – APSB 13 -22 – Adobe Reader and Acrobat – APSB 13 -23 – Adobe Shockwave Player • Apple, – Air. Port Base Station Firmeware 7. 6. 4 • Cisco – – – Web. Ex, ASA, Multiple Unified Communications, Multiple Prime Central, Multiple Social. Miner, Multiple Jabber for Windows Cert Validation

Hacking • Crypto / NSA backdoor? • Johns Hopkins prof forced to remove NSA related Blog • Hoot. Suite accounts hacked

Tools • Tahoe File System • Pulled Pork 0. 7. 0 – Includes ip reputation • Microdunio •

Papers • XKeyscore • http: //resources. infosecinstitute. com/xkeyscore-nsas-surveillance-program/ • Malware Packers and Comms • http: //resources. infosecinstitute. com/from-unpacking-to-communication-analysis • HELIX • http: //resources. infosecinstitute. com/incident-response-and-forensic-martial-arts-with-helix • Windows Communications Foundation • http: //resources. infosecinstitute. com/windows-communication-foundation • email • http: //www. trendmicro. com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-emailcorrelation-and-phishing. pdf

CON Events • DFW BSides

All images scavenged without permission