PREVIOUS GNEWS
Patch Tuesday Sep 2017 – 79 vulnerabilities with 256 unique downloads
• Windows 10 and Windows Server 2016 (including Microsoft Edge) / Remote Code
• Windows 8.1 and Windows Server 2012 R2 / Remote Code
• Windows Server 2012 / Remote Code
• Windows RT 8.1 / Remote Code
• Windows 7 and Windows Server 2008 R2 / Remote Code
• Windows Server 2008 / Remote Code
• Microsoft Office-related software / Remote Code
• Internet Explorer / Remote Code
• Microsoft SharePoint Server, SharePoint Enterprise Server, and SharePoint Foundation / Remote Code
• Skype for Business, Microsoft Lync, and Microsoft Live Meeting / Remote Code
• Microsoft Exchange Server / Info Disclosure
• .NET Framework / Remote Code
• Adobe Flash Player / Remote Code
.Net bug
Kernel bug
Holes / Patches
• Oracle
  – Due 17 Oct 2017
• VMWare
  – VMSA-2017-0014 (1 CVE) NSX-V Edge OSPF DoS
• Adobe
  – APSB17-25 RoboHelp (2 CVE)
  – APSB17-28 Flash Player (2 CVE)
  – APSB17-30 ColdFusion (4 CVE)
• Android
  – 2017-09-01 (? CVE)
  – 2017-09-05 (? CVE)
• Apple
  – iTunes 12.7 (? CVE)
  – Enclave Firmware Decryption
• Aerohive
  – Hive Manager, Privilege Escalation
• Juniper
  – Routers / Switches
  – Libgd, heap overflow via compressed gd2 data.
• AT&T U-verse (Arris Modems)
  – Multiple Vulns, SSH creds
• Siri / Alexa
  – Dolphin attack
• ARM Chip Sets
  – Multiple Vulns, BootStomp
  – Nvidia (Nexus 9),
Hacking
• Weaponized DNA
• 4K apps that record audio and log
• row hammer for NAND
• Secret chips in repair parts
• Ropemaker, Email manipulation via CSS
• 4d quantum encryption tested
• S3 buckets host malware
• PoC Code for iOS vuln (patched in May)
• IME killswitch
• WireX takedown
• Traffic shaping to "secure" iot data
Corp
• PayPal acquires Swift
• Walmart Scan&Go
• Verizon location data
• cloudflare daily stormer
• Docker for Main Frames
• LG, Late WannaCry infection
• Philips DoseWise hardcoded Creds
• Miami Heat launches mobile only tickets
• Uber settles
• FB pays out 100K to sec researcher
• DJI bug bounty (drones)
Corp
• PayPal launches CC
• bitcoin.com stops european support
• Sun is dead
• Mil Contractor S3 bucket
• TWC S3
• Zombie Cookie, Sue Verizon
• equifax breach
• Google to distrust "old" Symantec certs
Govt
• Vancouver dispensary DB leak
• TX Dr Medicaid fraud
• Linkedin doesn't like scraping
• CIA torture settlement
• Delaware Data Breach Law revised
• PA bill to invoice activists if arrested
• DC judge allows search of activist website
• MalwareTechBlog case exempted from "Speedy Trial Act"
• Shotspotter goes to the whitehouse / dumped by SATX
• Russia data privacy law revised
• First FDA security recall
• Govt site hosting malware
• SESTA
Papers
• Nice SOC summary
  https://www.linkedin.com/pulse/soc-architecture-how-build-run-security-operations-center-harris
• powershell for vulnerability verification
  https://www.sans.org/reading-room/whitepapers/leadership/complement-vulnerability-management-program-powershell-37900
• NSS Labs Evasion testing
  https://www.nsslabs.com/index.cfm/blog/analyst-insights/ngfwv7-http-evasion-test-cases-revealed
• EFF tips for students
  https://www.eff.org/deeplinks/2017/08/student-privacy-tips-students
• NIAC Critical Infrastructure Report
  https://www.dhs.gov/sites/default/files/publications/niac-cyber-study-draft-report-08-15-17-508.pdf
  https://securityintelligence.com/news/niac-cybersecurity-report-regarding-critical-infrastructure-issued/
• FDA Guidance
  https://www.federalregister.gov/documents/2017/09/06/2017-18815/design-considerations-and-premarket-submissionrecommendations-for-interoperable-medical-devices
WTF
• Thai activist jailed for posting to FB
• Crotch Charms
• “SIM swap” -- why is this a thing in the media
• BK BitCoin
• FCC redefine broadband
• Killer sex robots
• PI Earrings
Tools
• babadook powershell backdoor
• UACMe UAC evasion (as root)
• Apple password cracker
• SEMU Malware analysis tool
• FireEye Flare-On Challenge reverse engineering competition
• FIR - IR ticketing
• GitMiner
Future Cons
• DerbyCon, Louisville 20-24 Sep
• Rock Stars of Cybersecurity Technologies, Denver 26 Sep
• CactusCon, Phoenix 29-30 Sep
• Root66, OKC 5 Oct
• Hacker Halted, Atlanta 5-10 Oct
• Secure World Dallas 18-19 Oct
• LASCON 2017, Austin 24-27 Oct
• BSidesDFW, Plano 4 Nov
• NTXISSACSC5, Plano 10 Nov
Where
• DHA @Dallas_Hackers (1st Wednesday / Family Karaoke, Dallas)
• TX 2600 @dallas2600 (1st Fri / Wild Turkey 35&WalnutHill, Dallas)
• TheLab.MS @TheLab_ms (2nd Saturday + random events / TheLab.ms, Plano)
• ISSA Fort Worth @ISSAFortWorth (2nd Tuesday / location varies)
• Hack Ft Worth @Hack_FtW (3rd-ish Tuesday / Buffalo West, Fort Worth)
• OWASP Dallas @OWASPDallas (3rd Tuesday / location varies)
• Crypto Party DFW @CryptoPartyDFW (3rd Thursday / TheLab.ms, Plano)
• North Texas Cyber Security Group @ntxcsg (Last Thursday, Jakes, Frisco)
• Dallas MakerSpace @dallasmakers (Random events / Carrollton)
All images scavenged without permission