Upload
revelin-nunan
View
16
Download
1
Tags:
Embed Size (px)
DESCRIPTION
PREVIOUS GNEWS. Patch Tuesday. July - 6 Patches – 2 Critical - 27 CVEs MS14-037 - Cumulative Security Update for IE, Remote Code MS14-038 – Windows Journal, Remote Code MS14-039 – On-Screen Keyboard, Privilege Escalation - PowerPoint PPT Presentation
Citation preview
PREVIOUS GNEWS
• July - 6 Patches – 2 Critical - 27 CVEs
•
• MS14-037 - Cumulative Security Update for IE, Remote Code
• MS14-038 – Windows Journal, Remote Code
• MS14-039 – On-Screen Keyboard, Privilege Escalation
• MS14-040 – Ancillary Function Driver (AFD), Privilege Escalation
• MS14-041 – Direct Show, Privilege Escalation
• MS14-042 – Microsoft Service Bus, DoS
Other updates, MSRT, Defender Definitions, Junk Mail Filter
Patch Tuesday
• Oracle– Due 15th July
• Adobe– APSB14-16 Adobe Flash Player– APSB14-17 Adobe Flash Player
• Apple, – OS X 10.9.4– iOS 7.1.2– Apple TV 6.2– Safari 6.1.5 / 7.0.5
• Cisco– SPA300 and SPA500 IP Phones– IOS IPSec DoS– Intelligent Automation for Cloud– Unified Communications / Webex
Holes / Patches• Rosetta Flash
– APSB14-17
• Cisco VOIP hijack with default SSH key
– CVE-2014-2198
• MS bugs Security Essentials / Forefront - win32k.sys
• CVE-2014-2779
• bitcoin decentralization
• Fun with Nest
• Android Keystore
• MHN – Modern Honey Network
• Mini-er, stealthier, skimmier. Even smaller ATM skimmers found in EU
• LIFX smart light bulb exposes wifi passwords (pre-shared key)
• Lite Zeus (128bit AES)
• Malware targeting energy companies
Hacking
Scada honeypothttps://www.sans.org/reading-room/whitepapers/detection/designing-implementing-honeypot-
scada-network-35252
WireShark http://news.hitb.org/content/malware-targeting-energy-companies-usa-and-europe
IR in MS SQLhttp://news.hitb.org/content/malware-targeting-energy-companies-usa-and-europe
Papers
• TSA non-bootable device rule Govt
• Malwarebytes launches Anti-Exploit
• cloudflare buys cryptoseal
• MS Interflow (information exchange)
Corp
CoreOS
Tools
• Hope X - Jul
• Defcon – Aug
• B-Sides Memphis – Sep 13
Multiple DC214 speakers
• ToorCon – Oct
• B-Sides Houston - Oct
• B-Sides DFW – Nov
Cons
DHA( 1st Wednesday / Allen Wicker Pub, plano )
TX2600( 1st Fri / Wild Turkey 35&WalnutHill, dallas )
(1st Fri / 1418 Coffeehouse, plano)
The Lab.MS( 2nd Monday / Allen Wicker Pub, plano )
Crypto Party( 3rd Thursday / Improving Enterprises, addison )
NAISG( 4th Thursday / CrossPointe Theatre, carrollton )
LockPick DFW( Last Monday / Trinity Hall, dallas )
Dallas MakerSpaceRandom / carrollton
Local
All images scavenged without permission
All images scavenged without permission