PREVIOUS GNEWS
Patch Tuesday
• Feb - 14 Patches – 5 Critical - 45 CVEs
• MS15-018 - Cumulative Security Update for IE
• MS15-019 - VBScripting, Remote Code
• MS15-020 - Microsoft Windows, Remote Code
• MS15-021 - Adobe Font Driver, Remote Code
• MS15-022 - Microsoft Office, Remote Code
• MS15-023 - Kernel-Mode Driver, Privilege Escalation
• MS15-024 - PNG Processing, Info. Disclosure
• MS15-025 - Windows Kernel, Privilege Escalation
• MS15-026 - Microsoft Exchange Server, Privilege Escalation
• MS15-027 - NETLOGON, Spoofing
• MS15-028 - Windows Task Scheduler, Security Bypass
• MS15-029 - Windows Photo Decoder Component, Info Disclosure
• MS15-030 - Remote Desktop Protocol, DoS
• MS15-031 - Schannel, Security Bypass (FREAK)
• Other updates, MSRT, Defender Definitions, Junk Mail Filter
Holes / Patches
• Oracle – Due in Apr
• Adobe – 0 – All Secure Here
• Apple
  – iOS 8.2
  – Apple TV 7.1
  – Security Update 2015-002 (FREAK)
  – Xcode 6.2
• Cisco
  – IOS AAA Auth Bypass
  – IPV6 DoS (NCS 600 / CRS-X)
  – ASA challenge/response bypass
  – TelePresence Multi-Vuln
  – Web Security Appliance Multi-Vuln
• VMWare – 0 – All Secure Here
• SAMBA – CVE-2015-0240, Remote Code
• GnuPG – Multi-Vuln, DoS / Remote Code
Hacking
• TrueCrypt Audit
• TLS Audit
• Netgear router, no auth needed
• soho routers share common key
• seagate nas
• Google Play Store
• Mongo DB
• Encryption to stymie reversing via Translation Lookaside Buffer
• RAMNIT takedown
• 'The Equation Group' HD firmware hack
• partial leak of rig exploit kit
• spying via power
• All your FB Photo are belong to dev null
• samsung voice data still unencrypted
Hacking
• Blu-Ray PowerDVD Java badness
• iPay, hindered by lax banking authentication
• Freak
• RowHammer
CORP
• Uber lost and found loses data
• Uber driver data breach
• Mozilla to force add-on signing
• Apple brings two-step verification to facetime
• Lenovo pre-installed MITM adware, Superfish
  – Lenovo says NAH, later backpedal like a champ
  – Mozilla pulls Cert
• BUT WAIT THERE IS MORE!!!
• PrivDog / Comodo
• FB Threat Exchange
• FB Real Name Policy (sister-in-law can't use her name)
• MC Security Enhancements – facial and fingerprint (where is this data stored / give what to get what?)
• Google Caves to pressure, relaxing 90 day rule
• MS Win 10 and FIDO
• Google Wallet looking for revival with SoftCard
• Samsung Acquires LoopPay
Corp
• Taiga Systems – Super-secure phone from Russia
• Kaymera 360 (blackphone competitor)
• Nvidia to remove overclocking block
• Fedex and UPS self regulating tool delivery
• Twitter reporting update
• Paypal acquires Paydiant
• HP acquires Aruba
• EA ditches SIMS
• Google drops the lollipop
• TextSecure is no longer secure text
Govt
• GCHQ/NSA Gemalto hack
  – Gemalto gives no fuks
  – Gemalto drops findings statement
  – "Very impressive, Gemalto had no idea of any attacks in 2010, one week ago. Now they know exactly what happened..." --Matt Suiche
• FAA Drone rules revamp
• NetNeutrality Win
• Ecuador Coin
• StingRays can disrupt normal services
  – http://www.wired.com/wp-content/uploads/2015/02/Stingray-pen-register-order-and-application.pdf
• List of National CIRTs
  – http://www.secur
• DHS 7 day bailout
• NZ requesting mandatory passwd disclosure
• NSLs cause they are "different" now. (3 yr expire)
• we all have jobs, Yay!
  – Pentagon hiring hackers
• Kenya Rocks
Papers
• win phone forensics
  – https://www.sans.org/reading-room/whitepapers/forensics/windows-phone-8-forensic-artifacts-35787
• warchalk redux
  – http://www.wired.com/2015/02/field-guide-internet-infrastructure-hides-plain-sight/
• Recon with no permission (not recommended)
  – http://resources.infosecinstitute.com/owasp-zap-reconnaissance-without-permission/
• FB policies
  – https://www.eff.org/deeplinks/2015/02/new-report-shows-european-data-protection-authorities-aretaking-facebooks
  – http://www.law.kuleuven.be/icri/en/news/item/icri-cir-advises-belgian-privacy-commission-in-facebook-investigation
  – http://www.law.kuleuven.be/icri/en/news/item/facebooks-revised-policies-and-terms-v1-1.pdf
• Schneier "Surreptitiously Weakening Cryptographic Systems"
  – https://www.schneier.com/blog/archives/2015/02/surreptitiously_1.html
• Air Traffic Control Report
  – http://www.gao.gov/assets/670/668169.pdf
• PowerCat (netcat for PowerShell)
  – https://www.sans.org/reading-room/whitepapers/testing/powercat-proof-of-concept-powershell-netcat-35807
WTF!? BurningMan Tickets Hacked
HTTP/2 approved SET 6.2 Android Emulation Tools
Past Cons
• Kaspersky Security Analyst Summit
• Google drops Pwnium contest at con, makes it all year event.
• Source Boston CFP
Future Cons
• B-Sides Austin – 12 – 13 Mar
• CanSecWest – 18 - 20 Mar
• InfoSec Southwest – 10 – 12 Apr
• B-Sides Nashville – 11 Apr
• B-Sides San Antonio – ? May
• ThotCon 0x6 – 14 – 15 May
• PenTest Austin (SANS) – 18 – 23 May
• DefCon 23 – 6 – 9 Aug
Local
• DHA ( 1st Wednesday / Tavern on Main, richardson )
• TX 2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) ( 1st Fri / 1418 Coffeehouse, plano )
• The Lab.MS ( 2nd Monday / varies, plano )
• Crypto Party ( 3rd Thursday / Improving Enterprises, addison )
• NAISG ( 4th Thursday / CrossPointe Theatre, carrollton )
• LockPick DFW ( Last Monday / looking for new spot, dallas )
• Dallas MakerSpace ( Random / carrollton )
All images scavenged without permission