Upload
gisela-hinton
View
27
Download
0
Embed Size (px)
DESCRIPTION
PREVIOUS GNEWS. Patch Tuesday. 7 Patches – 6 Critical – 35 CVEs Affected – .NET, GDI+, IE, Defender, DirectShow MS13-052 - .NET Framework and Silverlight, Remote Code MS13-053 - Windows Kernel-Mode Drivers, Remote Code MS13-054 - GDI+, Remote Code - PowerPoint PPT Presentation
Citation preview
• 7 Patches – 6 Critical – 35 CVEs
• Affected – .NET, GDI+, IE, Defender, DirectShow
• MS13-052 - .NET Framework and Silverlight, Remote Code
• MS13-053 - Windows Kernel-Mode Drivers, Remote Code
• MS13-054 - GDI+, Remote Code
• MS13-055 - Cumulative Security Update for Internet Explorer
• MS13-056 - Microsoft DirectShow, Remote Code
• MS13-057 - Windows Media Format Runtime, Remote Code
• MS13-058 - Windows Defender, Privilege Escalation
Other updates, MSRT, Defender Definitions, Junk Mail Filter
Patch Tuesday
• Oracle, due out 16 July 2013– 18 June dropped Java patch for 40 CVEs
• Adobe– APSA13-03 - ColdFusion– APSB13-17 - Flash Player – APSB13-18 – Shockwave Player– APSB13-19 – ColdFusion
• Apple,– Security Updates 2013-03 (3 CVEs)– Java
• Cisco– ASA-CX TCP DoS– TelePresence TC / TE, Multiple vulns– ASA NG Fragmented Trafffic DoS– IronPort DoS
Holes / Patches
• ZRTPCPP
• html5 COR
• Phishing targets govt with PRISM theme and a Java RAT
• OpenJailBreak
Hacking
• Google commits to human traffiking• Google to shut down adult blogs with adult ads
• Medical device security (hard coded pws)
• fb blocks tor– unintentional and fixed
• MS enters the bounty market
• NSA to use two man rule
• Facebook snarfs android phone #
• ICANN calls for whois replacement
Corp
• eff prism optout
• eff sues FBI
• Stopwatching.us
• 26 Senators question Clapper via Letter
• texas no warrentless email
• German says no to software patents
Legal
Papers• NIST Revised Mobile Management• http://www.nist.gov/manuscript-publication-search.cfm?pub_id=913427
• OWASP TOP 10• https://www.owasp.org/index.php/Top_10_2013-T10
FireFox PenTesting Extensionshttp://resources.infosecinstitute.com/use-firefox-browser-as-a-penetration-testing-tool-
with-these-add-ons
ConPot – SCADA / ICS Honeypothttp://www.honeynet.org/node/1047
tools