PREVIOUS GNEWS This is Gary Gnu and the

0 WE DON’T NEED NO STINKING PATCHES! • 4 Patches originally expected – 0

Books • Windows Power. Shell in Action was written – Bruce Payette • The

Holes • Stefan Esser Launches Month Of PHP Bugs – Formerly of Zend now

DATA LOSS • Texas A&M – System hacked, School changes all 96, 000 passwords

Holes II • Cisco Network Analysis Module (patch available) – Spoof SNMP, take over

Games • X-Box Hypervisor Hacked – Allows arbitrary code and alternate OS – Requires

Holes III • Citrix Presentation Server Client (patch available) – Improper handling of ICA

Corp. Hell • Source. Fire IPO hits the markets – Trades start at $15.

Papers • 2 nd (another) Paper on TOR vulnerabilities • OWASP releases testing guide

Film • Die Hard 4: Live Free Or Die – Semi retired alcoholic cop

WTF? ! • Radar. Sync. com – posting Vista drivers not made available by

Updates • • • Nessus Beta 3. 2 Nikto 1. 36 Clam AV 0.

Legal • FBI and MPAA hired to train Swedish Police • Anti-Child Porn Bill

CON • Black. Hat DC – RFID Demo was pulled, – Rehash of Apple

Slides: 16

Download presentation

PREVIOUS GNEWS "This is Gary Gnu. . . and the no gnews is good gnews show. The ONLY tv gnews show guar-an-TEED-- to contain NO gnews what-so-ever. "

0 WE DON’T NEED NO STINKING PATCHES! • 4 Patches originally expected – 0 Security – 4 Non-Security related updates, Malicious Tool Update • 4 Patches, – Reliability update, corrects issue with Stop 0 x 1 a (mem mgt) and Stop 0 x 0 a 5 (IRQL not less or equal) – Patch for Media Format 11 SDK, DRM subscriptions between hardware devices – Junk Mail Filter Update – Malicious Software Removal Tool Update

Books • Windows Power. Shell in Action was written – Bruce Payette • The Oracle Hacker's Handbook: Hacking and Defending Oracle – David Litchfield • Microsoft Vista for IT Security Professionals – Anthony Piltzecker • Kismet Hacking – Brad Haines, Frank Thornton

Holes • Stefan Esser Launches Month Of PHP Bugs – Formerly of Zend now heading the PHP Hardening Project • Day one was a rehash of five (5) known but previously unpatched bugs • Is tossing out the occasional “bonus” bug • 21 total bugs as of March 13 th • 11 released with code, 10 labeled as no code required.

DATA LOSS • Texas A&M – System hacked, School changes all 96, 000 passwords • University of Idaho – Web site post includes 2, 700 employee records • Census Bureau – Web site post 5 x between Oct 2006 and Feb 2007 includes 302 housholds • Speedmark (texas marketing firm) – Stolen laptop with employee and contractor data • Stop and Shop Supermarket (new england) – Card Reader Hack • Kiaser Medical Center (california) – Stolen laptop with 22, 000 patient records

Holes II • Cisco Network Analysis Module (patch available) – Spoof SNMP, take over switch via NAM • Fire. Fox locations. hostname DOM Bypass (patch available) – 10 other fixes, includes password manage, sslv 2 • Apple Patches four (4) more MOAB vulns – Disk image file, user notification center, ichat (x 2) • Apple Security Update release March 13 th – 30 patches, reported to fix 45 holes • Snort Exploit post to milw 0 rm. com (patch available) • Windows Real. Directory. Changes. W information leak – Sub directory access where user has access to parent directory

Games • X-Box Hypervisor Hacked – Allows arbitrary code and alternate OS – Requires Physical Access

Holes III • Citrix Presentation Server Client (patch available) – Improper handling of ICA connection through proxy may allow arbitrary code • Gnu. PG – attacker can add arbitrary content to encrypted and/or signed emails • Ktorrent (patch available) • Google Desktop, allows data theft via javascript • Apache multiple Injection vulnerabilities • Another Office / Word 0 -day

Corp. Hell • Source. Fire IPO hits the markets – Trades start at $15. 45 and spikes to $18. 50 – Originally expected to open between $12 and $14 • Cisco and Apple settle over i. Phone. • Cisco acquires XML vendor Reactivity

Papers • 2 nd (another) Paper on TOR vulnerabilities • OWASP releases testing guide • NIST release new security docs – Email, IDS/IPS, wireless security • Computer Investigation Guide for Windows

Film • Die Hard 4: Live Free Or Die – Semi retired alcoholic cop is throwing it part time for DHS • Star Trek prequeal is set to stun X-mas 2008 – Matt Damon, Adrien Brody and Gary Sinise will play Kirk, Spock, and Scotty, respectively

WTF? ! • Radar. Sync. com – posting Vista drivers not made available by Windows • MS Release list of “official” support Apps for Vista • “Not Sure” added to Windows Genuine Advantage categories • Estonia may be first to allow on-line voting • Konami pulls slots machine after detection of subliminal jackpot image • No MS Security Patches for March.

Updates • • • Nessus Beta 3. 2 Nikto 1. 36 Clam AV 0. 90 WS Fuzzer Ax. Man React. OS 0. 3. 1 Process Monitor v 1. 1 Access. Chk v 3. 0 Fierce Domain Scanner Helios Lite, Rootkit Detection • Future Releases – Longhorn Server might be seen in 2007 – Torment, H. D. Moores’s answer to TOR based (anti-)kiddie porn

Legal • FBI and MPAA hired to train Swedish Police • Anti-Child Porn Bill H. . R 837, Lamar Smith (R-TX) – Calls for requirement of ISPs to be able to track users • Do. D, Drink or Die warez leader charged with copyright infringement • Fair Use Act, Bouche (D-VA) and Doolittle (R-CA) to update the DMCA • DMCA charges against Musilx 64 for the AACS decrypt utility ‘Backup. HDDVD’ • MS vs Iowa Anti-Trust • You. Tube. com identifies users for FOX

CON • Black. Hat DC – RFID Demo was pulled, – Rehash of Apple Wi. Fi Drivers • Future Cons – – – Shmoo. Con, 23 – 25 March 2007 – Washington D. C (sold out) Can. Sec. West, 18 – 20 April 2007 – Vancouver CA Dallas. Con – 11 – 12 May 2007 – Dallas , TX Black. Hat – 28 July thru 2 Aug 2007 – Las Vegas, NV Def. Con – 3 – 5 August 2007 – Las Vegas, NV

All images scavenged without permission